mirror of
https://github.com/truenas/charts.git
synced 2026-02-10 22:06:15 +08:00
929e60d801
* Adapt charts CI and improve/fix common * add check on permissions contaienr * add postgres template * update comments * Update create_app.sh * add check * update script * auto gen item.yaml from Chart,yaml * rename readme on dest * duplicate readme from the same source * correct comment * reoder * remove extra space * keep both README and app-readme * update regex, to also allow 2 letter names, which is also valid * No need to check host network if there aren't any pod values * use same pattern as the pod.name label (not prepending release-name * update deps * add chart dirs to ci * Add a validation to check if there is any yaml errors after merging files * update charts path on ci * common/1.0.0/ -> common/ * update common-test dep path * temp update create_app script * make permissions container name configurable, incase we want to change order of execution * update naming convention * fix typo and a missed name change * do not allow `--` in names
60 lines
3.0 KiB
Markdown
60 lines
3.0 KiB
Markdown
# Fixed Env
|
|
|
|
Assume every key below has a prefix of `workload.[workload-name].podSpec.containers.[container-name]`.
|
|
|
|
| Key | Type | Required | Helm Template | Default | Description |
|
|
| :------------------- | :------: | :------: | :-----------: | :---------------------------------------------: | :---------------------------------------------------------------------------- |
|
|
| fixedEnv | `dict` | ❌ | ❌ | `{}` | Override fixed Envs for the container |
|
|
| fixedEnv.TZ | `string` | ❌ | ❌ | `{{ .Values.TZ }}` | Override default TZ for the container |
|
|
| fixedEnv.UMASK | `string` | ❌ | ❌ | `{{ .Values.securityContext.container.UMASK }}` | Override the default UMASK for the container (Applies to UMASK and UMASK_SET) |
|
|
| fixedEnv.PUID | `string` | ❌ | ❌ | `{{ .Values.securityContext.container.PUID }}` | Override the default PUID for the container (Applies to PUID. USER_ID, UID) |
|
|
| fixedEnv.NVIDIA_CAPS | `list` | ❌ | ❌ | `{{ .Values.resources.NVIDIA_CAPS }}` | Override the default NVIDIA_CAPS for the container, each entry is a string |
|
|
|
|
> Environment variables in `fixedEnv` will be scanned for duplicate keys
|
|
> between other secrets/configmaps/env/envList and will throw an error if it finds any.
|
|
|
|
---
|
|
|
|
Notes:
|
|
|
|
By default it will set the following environment variables:
|
|
|
|
- TZ: `{{ .Values.TZ }}` (or the value set in the container level under `fixedEnv`)
|
|
- UMASK: `{{ .Values.securityContext.container.UMASK }}` (or the value set in the container level under `fixedEnv`)
|
|
- UMASK_SET: `{{ .Values.securityContext.container.UMASK }}` (or the value set in the container level under `fixedEnv`)
|
|
- S6_READ_ONLY_ROOT: `1` (Only when `readOnlyRootFilesystem` or `runAsNonRoot` is `true`)
|
|
- PUID, USER_ID, UID: `{{ .Values.securityContext.container.PUID }}` (or the value set in the container level under `fixedEnv`)
|
|
- Only when `runAsUser` or `runAsGroup` is `0`
|
|
- PGID, GROUP_ID, GID: To the `fsGroup` set for the pod (Either the default or the overridden value)
|
|
- Only when `runAsUser` or `runAsGroup` is `0`
|
|
- NVIDIA_DRIVER_CAPABILITIES: `{{ .Values.resources.NVIDIA_CAPS }}` (or the value set in the container level under `fixedEnv`)
|
|
- Only when `scaleGPU` is assigned to the container
|
|
|
|
---
|
|
|
|
Appears in:
|
|
|
|
- `.Values.workload.[workload-name].podSpec.containers.[container-name].fixedEnv`
|
|
|
|
---
|
|
|
|
Examples:
|
|
|
|
```yaml
|
|
workload:
|
|
workload-name:
|
|
enabled: true
|
|
primary: true
|
|
podSpec:
|
|
containers:
|
|
container-name:
|
|
enabled: true
|
|
primary: true
|
|
fixedEnv:
|
|
TZ: "America/New_York"
|
|
NVIDIA_CAPS:
|
|
- compute
|
|
UMASK: "003"
|
|
PUID: "0"
|
|
```
|