mirror of
https://github.com/truenas/charts.git
synced 2026-04-24 02:20:15 +08:00
5b1abdd839
* fix
* fix
* some more
* somefixs
* whops
* initial structure
* finish up configmap
* secret class
* runtest secret
* move files arround
* ignore
* make clear on call template that need root context
* imagePullSecret (minus targetSelector)
* move out of the way
* clean up comment
* deployment basic spec
* daemonset basic spec
* statefulset spec
* split file
* docs
* update values
* job spec
* job docs
* cronJob basic spec
* job in cron test
* add common version
* podsepc
* whoopsis
* selectorlabels and pod metadata
* job and cron pod metadata
* update docs
* consistent order
* get ready for pod
* first targetSelector
* remove todo
* update docs
* add hostnet and enableservicelinks
* update selector logic
* update docs
* add tests for restartpolicy
* schedulerName
* priorityclassname
* hostname
* termperiodsec
* nodeselector
* add fail case
* host aliases
* dns policy
* dns config
* tolerations
* serviceaccoutn class, spawner, saname selector
* add pod todo
* update some tests
* add runtimeclassname
* controllers -> workload and plurar to singular
* require at least 1 primary on enabled SAs
* fix script
* remove wrong comment
* update naming scheme
* update rbac values ref
* rbac docs
* rbac's
* append short name, for future use
* update comments
* initial service wireframe
* shorten line
* simplify labels and update tests
* service selectors
* simplify error messages
* finish clusterIP type
* loadbalancer
* noedport
* externalname
* external ip
* update service
* fix highlighting
* session affinity
* add comment
* update comments
* service ports
* fix indentation
* externalname can have no ports
* fixup externalIP
* add pvc class and spawner and tests
* add nfs and emptyDir vols
* example
* extend docs a bit
* not create pvc if existing claim is set
* helm... you are dumb really. how this fixes an unrelated test
* add configmap
* add secret vol
* add pvc vol
* add hostpath
* finish volumes
* initial podsec
* podsec context with some todo's to check
* automatic sysctls
* remove todo
* update doc struct
* split docs
* split service docs
* initial container plumbing
* fix tests
* fix test
* rename to class
* command and args
* termination
* add lifecycle
* int value from tpl
* another case
* fix service protocol tpl
* update readme
* ports
* update todo
* cleanup values a bit
* only add sysctl when port is bellow 1024
* whops, thats a different range
* update avlue
* move some old docs to the "to be deleted" dir
* externalinteface validation
* update an error message and apply externalinterface annotations to workloads
* external interfaces
* TZ - TIMEZONE
* update rdoc
* reduce code duple
* device vol type
* initial certificate plumbing
* update comments
* finish secret creation of certificate
* cert dosc
* volumeMounts
* scale certs
* doc
* add tests for volMounts
* values updates
* update todo
* add test case
* remove some todo
* update todos
* vct
* remove tdoo
* restore default
* rename function
* make selectorlabels a bit better
* trim
* some cleanup
* update some ci values
* update ci
* rollingup defaults
* rename dir
* fix nil pointers
* check the same strategy var
* whops
* fix tests
* typo
* not a good day for copy paste
* move check
* move another check
* fix some tests for upcoming probes
* one mroe
* split docs
* add default probes for `main` and docs
* add probes and some ci testruns
* whops
* fix an edge case
* add an error for edge case
* runtests
* runtest updaets
* update
* check if podvalues exist first
* force types
* force only one of the 2
* quote labels and annotaions values
* job/cron have auto gen selectors
* remove false test
* fix maxsureg
* fix end
* different fix
* fix some tests
* fix rollUp
* try to fix 3.9.4 helm
* move file to helpers
* use capital types in probes and lifecycle
* Revert "use capital types in probes and lifecycle"
This reverts commit 380ebd5f1f.
* typo
* use lowercase for protocol everywhere
* rbac runtest
* prune old
* add resources
* add resources
* fix rbc
* fix sa naming in pod
* fix test
* 44 suppl group on gpu
* remove todo
* extract function in another file
* whops
* add securityContext implementation
* add fail cases
* add rest of the tests
* remove todo
* envFrom
* minify
* env list
* add env
* add envdupe check tests
* add fixed envs
* replace containers with callers
* add callers
* add initContainer
* add init run test
* reset default test val
* add name tests
* add some more tests
* rename
* validate workload type only if enabled
* lint fix for 3.9.4
* add tpl on init enabled
* whops
* fix init
* echo
* echo
* args...
* list
* comment out disabled persistences
* fix some typos and improve resources `requests` requirement
* improve docs a bit
* require name,description,version,type
* add some wording regarding what Helm Template column means
* add title as requirement
* remove scheduler
* remove priority class name
* remove nfs + externalIP
* remove LB
* remove STS & VCT
* fix a test
* remove nodeselector
* remove DS
* remove pvc
* remove todo
* conditionally print the type, as we might want to use the template to select all objects inthe chart
* add some docs
* docs for notes
* add `tls.` in the certificate secret, according to k8s docs
* add some basic docs around the rest of the options
* clean values.yaml
* catch an edge case
* remove externalName
* set autmountSA on SA to false
* add note about the automountSA
3.0 KiB
3.0 KiB
Fixed Env
Assume every key below has a prefix of workload.[workload-name].podSpec.containers.[container-name].
| Key | Type | Required | Helm Template | Default | Description |
|---|---|---|---|---|---|
| fixedEnv | dict |
❌ | ❌ | {} |
Override fixed Envs for the container |
| fixedEnv.TZ | string |
❌ | ❌ | {{ .Values.TZ }} |
Override default TZ for the container |
| fixedEnv.UMASK | string |
❌ | ❌ | {{ .Values.containerOptions.UMASK }} |
Override the default UMASK for the container (Applies to UMASK and UMASK_SET) |
| fixedEnv.PUID | string |
❌ | ❌ | {{ .Values.containerOptions.PUID }} |
Override the default PUID for the container (Applies to PUID. USER_ID, UID) |
| fixedEnv.NVIDIA_CAPS | list |
❌ | ❌ | {{ .Values.containerOptions.NVIDIA_CAPS }} |
Override the default NVIDIA_CAPS for the container, each entry is a string |
Environment variables in
fixedEnvwill be scanned for duplicate keys between other secrets/configmaps/env/envList and will throw an error if it finds any.
Notes:
By default it will set the following environment variables:
- TZ:
{{ .Values.TZ }}(or the value set in the container level underfixedEnv) - UMASK:
{{ .Values.containerOptions.UMASK }}(or the value set in the container level underfixedEnv) - UMASK_SET:
{{ .Values.containerOptions.UMASK }}(or the value set in the container level underfixedEnv) - S6_READ_ONLY_ROOT:
1(Only whenreadOnlyRootFilesystemorrunAsNonRootistrue) - PUID, USER_ID, UID:
{{ .Values.containerOptions.PUID }}(or the value set in the container level underfixedEnv)- Only when
runAsUserorrunAsGroupis0
- Only when
- PGID, GROUP_ID, GID: To the
fsGroupset for the pod (Either the default or the overrided value)- Only when
runAsUserorrunAsGroupis0
- Only when
- NVIDIA_DRIVER_CAPABILITIES:
{{ .Values.containerOptions.NVIDIA_CAPS }}(or the value set in the container level underfixedEnv)- Only when
scaleGPUis assigned to the container
- Only when
Appears in:
.Values.workload.[workload-name].podSpec.containers.[container-name].fixedEnv
Examples:
workload:
workload-name:
enabled: true
primary: true
podSpec:
containers:
container-name:
enabled: true
primary: true
fixedEnv:
TZ: "America/New_York"
NVIDIA_CAPS:
- compute
UMASK: "003"
PUID: "0"