diff --git a/build_system/charts/open-appsec-k8s-nginx-ingress/templates/appsec.yaml b/build_system/charts/open-appsec-k8s-nginx-ingress/templates/appsec.yaml index 42f6109..a399c18 100644 --- a/build_system/charts/open-appsec-k8s-nginx-ingress/templates/appsec.yaml +++ b/build_system/charts/open-appsec-k8s-nginx-ingress/templates/appsec.yaml @@ -1,1207 +1,303 @@ - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} {{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - {{- end }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- include "isControllerTagValid" . -}} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} apiVersion: apps/v1 - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if (eq .Values.kind "AppSec") }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if (eq .Values.controller.kind "DaemonSet") }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} kind: DaemonSet - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- else }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} kind: Deployment - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- else if eq .Values.kind "AppSecStateful" }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} kind: StatefulSet - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} metadata: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} labels: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- include "ingress-nginx.labels" . | nindent 4 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} app.kubernetes.io/component: controller - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- with .Values.controller.labels }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- toYaml . | nindent 4 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} name: {{ include "ingress-nginx.controller.fullname" . }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} namespace: {{ .Release.Namespace }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.annotations }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} annotations: {{ toYaml .Values.controller.annotations | nindent 4 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} spec: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} selector: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} matchLabels: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- include "ingress-nginx.selectorLabels" . | nindent 6 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} app.kubernetes.io/component: controller - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if not (or .Values.controller.autoscaling.enabled .Values.controller.keda.enabled) }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if eq .Values.kind "AppSecStateful" }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} serviceName: "open-appsec-stateful-set" - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if or (not (eq .Values.controller.kind "DaemonSet")) (and (eq .Values.kind "AppSecStateful") (eq .Values.controller.kind "DaemonSet")) }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} replicas: {{ .Values.controller.replicaCount }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.updateStrategy }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - updateStrategy: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} + updateStrategy: {{ toYaml .Values.controller.updateStrategy | nindent 4 }}: {{- else }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} strategy: {{ toYaml .Values.controller.updateStrategy | nindent 4 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if (eq .Values.kind "AppSec") }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} minReadySeconds: {{ .Values.controller.minReadySeconds }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} template: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} metadata: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.podAnnotations }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} annotations: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- range $key, $value := .Values.controller.podAnnotations }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{ $key }}: {{ $value | quote }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} labels: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- include "ingress-nginx.labels" . | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} app.kubernetes.io/component: controller - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- with .Values.controller.labels }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- toYaml . | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.podLabels }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- toYaml .Values.controller.podLabels | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} spec: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.dnsConfig }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} dnsConfig: {{ toYaml .Values.controller.dnsConfig | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.hostAliases }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} hostAliases: {{ tpl (toYaml .Values.controller.hostAliases) $ | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.hostname }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} hostname: {{ toYaml .Values.controller.hostname | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} dnsPolicy: {{ .Values.controller.dnsPolicy }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.imagePullSecrets }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.priorityClassName }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} priorityClassName: {{ .Values.controller.priorityClassName | quote }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if or .Values.controller.podSecurityContext .Values.controller.sysctls }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} securityContext: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.podSecurityContext }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- toYaml .Values.controller.podSecurityContext | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.sysctls }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} sysctls: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- range $sysctl, $value := .Values.controller.sysctls }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: {{ $sysctl | quote }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} value: {{ $value | quote }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.shareProcessNamespace }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} shareProcessNamespace: {{ .Values.controller.shareProcessNamespace }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} containers: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: {{ .Values.appsec.name }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} securityContext: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{ toYaml .Values.appsec.securityContext | nindent 12 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- $tag := .Values.appsec.image.tag }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.appsec.configMapContent.crowdsec.enabled }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- $tag = "crowdsec-1.2314-rc1" }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- with .Values.appsec.image }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} image: "{{- if .registry }}{{ .registry }}/{{- end }}{{- if .repository }}{{ .repository }}/{{- end }}{{ .image }}{{- if .tag }}:{{ .tag }}{{- end }}{{- if (.digest) -}} @{{.digest}} {{- end }}" - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} command: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - {{ .Values.appsec.command }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} imagePullPolicy: {{ .Values.appsec.image.pullPolicy }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} args: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if (eq "standalone" .Values.appsec.mode) }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - --hybrid-mode - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - --token - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - cp-3fb5c718-5e39-47e6-8d5e-99b4bc5660b74b4b7fc8-5312-451d-a763-aaf7872703c0 - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- else }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - --token - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - {{ .Values.appsec.agentToken }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end -}} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.appsec.customFog.enabled }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - --fog - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - {{ .Values.appsec.customFog.fogAddress }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.appsec.proxy }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - --proxy - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - {{ .Values.appsec.proxy }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} imagePullPolicy: {{ .Values.appsec.image.pullPolicy }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} env: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: user_email - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} value: {{ .Values.appsec.userEmail }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: registered_server - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} value: "NGINX Server" - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if eq .Values.appsec.playground false }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: SHARED_STORAGE_HOST - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} value: {{ .Values.appsec.storage.name }}-svc - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: LEARNING_HOST - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} value: {{ .Values.appsec.learning.name }}-svc - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- else }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: PLAYGROUND - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} value: "true" - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} envFrom: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - configMapRef: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} name: {{ .Values.appsec.configMapName | default "appsec-settings-configmap" }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - secretRef: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} name: {{ .Values.appsec.secretName | default "appsec-settings-secret" }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} resources: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{ toYaml .Values.resources | nindent 12 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} volumeMounts: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: advanced-model - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} mountPath: /advanced-model - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if (eq .Values.appsec.persistence.enabled true) }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: appsec-conf - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} mountPath: /etc/cp/conf - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: appsec-data - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} mountPath: /etc/cp/data - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: {{ .Values.controller.containerName }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- $tag := .Values.appsec.nginx.image.tag }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.appsec.configMapContent.crowdsec.enabled }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- $tag = "1.2303.1-rc1-v1.3.0" }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- with .Values.appsec.nginx.image }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} image: "{{ .repository }}:{{ .tag }}" - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} imagePullPolicy: {{ .Values.controller.image.pullPolicy }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.lifecycle }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} lifecycle: {{ toYaml .Values.controller.lifecycle | nindent 12 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} args: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- include "ingress-nginx.params" . | nindent 12 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} securityContext: {{ include "controller.containerSecurityContext" . | nindent 12 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} env: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: POD_NAME - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} valueFrom: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} fieldRef: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} fieldPath: metadata.name - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: POD_NAMESPACE - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} valueFrom: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} fieldRef: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} fieldPath: metadata.namespace - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.enableMimalloc }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: LD_PRELOAD - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} value: /usr/local/lib/libmimalloc.so - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.extraEnvs }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- toYaml .Values.controller.extraEnvs | nindent 12 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.startupProbe }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} startupProbe: {{ toYaml .Values.controller.startupProbe | nindent 12 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.livenessProbe }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} livenessProbe: {{ toYaml .Values.controller.livenessProbe | nindent 12 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.readinessProbe }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} readinessProbe: {{ toYaml .Values.controller.readinessProbe | nindent 12 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} ports: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- range $key, $value := .Values.controller.containerPort }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: {{ $key }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} containerPort: {{ $value }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} protocol: TCP - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if $.Values.controller.hostPort.enabled }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} hostPort: {{ index $.Values.controller.hostPort.ports $key | default $value }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.metrics.enabled }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: {{ .Values.controller.metrics.portName }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} containerPort: {{ .Values.controller.metrics.port }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} protocol: TCP - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.admissionWebhooks.enabled }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: webhook - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} containerPort: {{ .Values.controller.admissionWebhooks.port }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} protocol: TCP - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- range $key, $value := .Values.tcp }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-tcp - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} containerPort: {{ $key }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} protocol: TCP - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if $.Values.controller.hostPort.enabled }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} hostPort: {{ $key }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- range $key, $value := .Values.udp }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-udp - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} containerPort: {{ $key }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} protocol: UDP - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if $.Values.controller.hostPort.enabled }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} hostPort: {{ $key }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} volumeMounts: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: modules - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{ if .Values.controller.image.chroot }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} mountPath: /chroot/modules_mount - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{ else }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} mountPath: /modules_mount - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{ end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.customTemplate.configMapName }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - mountPath: /etc/nginx/template - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} name: nginx-template-volume - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} readOnly: true - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.admissionWebhooks.enabled }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: webhook-cert - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} mountPath: /usr/local/certificates/ - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} readOnly: true - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.extraVolumeMounts }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- toYaml .Values.controller.extraVolumeMounts | nindent 12 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.resources }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} resources: {{ toYaml .Values.controller.resources | nindent 12 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.extraContainers }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{ toYaml .Values.controller.extraContainers | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if (or .Values.controller.extraInitContainers .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} initContainers: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.extraInitContainers }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{ toYaml .Values.controller.extraInitContainers | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.extraModules }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- range .Values.controller.extraModules }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- $containerSecurityContext := .containerSecurityContext | default $.Values.controller.containerSecurityContext }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- include "extraModules" (dict "name" .name "image" .image "containerSecurityContext" $containerSecurityContext) | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.opentelemetry.enabled}} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- $otelContainerSecurityContext := $.Values.controller.opentelemetry.containerSecurityContext | default $.Values.controller.containerSecurityContext }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{ $otelResources := $.Values.controller.opentelemetry.resources | default dict }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- include "extraModules" (dict "name" "opentelemetry" "image" .Values.controller.opentelemetry.image "containerSecurityContext" $otelContainerSecurityContext "distroless" true "resources" $otelResources) | nindent 8}} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end}} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.hostNetwork }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} hostNetwork: {{ .Values.controller.hostNetwork }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.nodeSelector }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} nodeSelector: {{ toYaml .Values.controller.nodeSelector | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.tolerations }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} tolerations: {{ toYaml .Values.controller.tolerations | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.affinity }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} affinity: {{ toYaml .Values.controller.affinity | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.topologySpreadConstraints }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} topologySpreadConstraints: {{ tpl (toYaml .Values.controller.topologySpreadConstraints) $ | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} serviceAccountName: {{ template "ingress-nginx.serviceAccountName" . }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} volumes: - name: advanced-model configMap: @@ -1215,121 +311,34 @@ spec: persistentVolumeClaim: claimName: {{ .Values.appsec.name }}-data {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled)}} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: modules - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} emptyDir: {} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.customTemplate.configMapName }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: nginx-template-volume - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} configMap: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} name: {{ .Values.controller.customTemplate.configMapName }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} items: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - key: {{ .Values.controller.customTemplate.configMapKey }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} path: nginx.tmpl - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.admissionWebhooks.enabled }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - name: webhook-cert - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} secret: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} secretName: {{ include "ingress-nginx.fullname" . }}-admission - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.admissionWebhooks.certManager.enabled }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} items: - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - key: tls.crt - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} path: cert - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} - key: tls.key - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} path: key - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if .Values.controller.extraVolumes }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{ toYaml .Values.controller.extraVolumes | nindent 8 }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- end }} - {{- if (and (not (eq .Values.kind "AppSecStateful")) (eq .Values.controller.kind "DaemonSet")) }} -{{- if (not (eq .Values.kind "Vanilla")) }} - {{ else }} {{- if (and (eq .Values.kind "AppSecStateful") .Values.appsec.persistence.enabled) }} volumeClaimTemplates: - metadata: