Bitnami package for Flux

Source Controller is a component of Flux. Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration.

Overview of Flux

Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.

TL;DR

helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/flux

Note: You need to substitute the placeholders REGISTRY_NAME and REPOSITORY_NAME with a reference to your Helm chart registry and repository.

Introduction

This chart bootstraps a Flux deployment on a Kubernetes cluster using the Helm package manager.

Bitnami charts can be used with Kubeapps for deployment and management of Helm Charts in clusters.

Prerequisites

Kubernetes 1.23+
Helm 3.8.0+

Installing the Chart

To install the chart with the release name my-release:

helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/flux

Note: You need to substitute the placeholders REGISTRY_NAME and REPOSITORY_NAME with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use REGISTRY_NAME=registry-1.docker.io and REPOSITORY_NAME=bitnamicharts.

The command deploys flux on the Kubernetes cluster in the default configuration. The Parameters section lists the parameters that can be configured during installation.

Tip: List all releases using helm list

Parameters

Global parameters

Name	Description	Value
`global.imageRegistry`	Global Docker image registry	`""`
`global.imagePullSecrets`	Global Docker registry secret names as an array	`[]`
`global.defaultStorageClass`	Global default StorageClass for Persistent Volume(s)	`""`
`global.storageClass`	DEPRECATED: use global.defaultStorageClass instead	`""`
`global.compatibility.openshift.adaptSecurityContext`	Adapt the securityContext sections of the deployment to make them compatible with Openshift restricted-v2 SCC: remove runAsUser, runAsGroup and fsGroup and let the platform use their allowed default IDs. Possible values: auto (apply if the detected running cluster is Openshift), force (perform the adaptation always), disabled (do not perform adaptation)	`auto`

Common parameters

Name	Description	Value
`kubeVersion`	Override Kubernetes version	`""`
`nameOverride`	String to partially override common.names.name	`""`
`fullnameOverride`	String to fully override common.names.fullname	`""`
`namespaceOverride`	String to fully override common.names.namespace	`""`
`commonLabels`	Labels to add to all deployed objects	`{}`
`commonAnnotations`	Annotations to add to all deployed objects	`{}`
`clusterDomain`	Kubernetes cluster domain name	`cluster.local`
`extraDeploy`	Array of extra objects to deploy with the release	`[]`
`diagnosticMode.enabled`	Enable diagnostic mode (all probes will be disabled and the command will be overridden)	`false`
`diagnosticMode.command`	Command to override all containers in the deployment	`["sleep"]`
`diagnosticMode.args`	Args to override all containers in the deployment	`["infinity"]`

Kustomize Controller Parameters

Name	Description	Value
`kustomizeController.enabled`	Enable Kustomize Controller	`true`
`kustomizeController.installCRDs`	Flag to install Kustomize Controller CRDs	`true`
`kustomizeController.watchAllNamespaces`	Watch for custom resources in all namespaces	`true`
`kustomizeController.image.registry`	Kustomize Controller image registry	`REGISTRY_NAME`
`kustomizeController.image.repository`	Kustomize Controller image repository	`REPOSITORY_NAME/fluxcd-kustomize-controller`
`kustomizeController.image.digest`	Kustomize Controller image digest in the way sha256:aa…. Please note this parameter, if set, will override the tag image tag (immutable tags are recommended)	`""`
`kustomizeController.image.pullPolicy`	Kustomize Controller image pull policy	`IfNotPresent`
`kustomizeController.image.pullSecrets`	Kustomize Controller image pull secrets	`[]`
`kustomizeController.image.debug`	Enable Kustomize Controller image debug mode	`false`
`kustomizeController.replicaCount`	Number of Kustomize Controller replicas to deploy	`1`
`kustomizeController.containerPorts.metrics`	Kustomize Controller metrics container port	`8080`
`kustomizeController.containerPorts.health`	Kustomize Controller health container port	`9440`
`kustomizeController.networkPolicy.enabled`	Specifies whether a NetworkPolicy should be created	`true`
`kustomizeController.networkPolicy.allowExternal`	Don’t require server label for connections	`true`
`kustomizeController.networkPolicy.allowExternalEgress`	Allow the pod to access any range of port and all destinations.	`true`
`kustomizeController.networkPolicy.kubeAPIServerPorts`	List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security)	`[]`
`kustomizeController.networkPolicy.extraIngress`	Add extra ingress rules to the NetworkPolicy	`[]`
`kustomizeController.networkPolicy.extraEgress`	Add extra ingress rules to the NetworkPolicy	`[]`
`kustomizeController.networkPolicy.ingressNSMatchLabels`	Labels to match to allow traffic from other namespaces	`{}`
`kustomizeController.networkPolicy.ingressNSPodMatchLabels`	Pod labels to match to allow traffic from other namespaces	`{}`
`kustomizeController.livenessProbe.enabled`	Enable livenessProbe on Kustomize Controller containers	`true`
`kustomizeController.livenessProbe.initialDelaySeconds`	Initial delay seconds for livenessProbe	`5`
`kustomizeController.livenessProbe.periodSeconds`	Period seconds for livenessProbe	`10`
`kustomizeController.livenessProbe.timeoutSeconds`	Timeout seconds for livenessProbe	`5`
`kustomizeController.livenessProbe.failureThreshold`	Failure threshold for livenessProbe	`5`
`kustomizeController.livenessProbe.successThreshold`	Success threshold for livenessProbe	`1`
`kustomizeController.readinessProbe.enabled`	Enable readinessProbe on Kustomize Controller containers	`true`
`kustomizeController.readinessProbe.initialDelaySeconds`	Initial delay seconds for readinessProbe	`5`
`kustomizeController.readinessProbe.periodSeconds`	Period seconds for readinessProbe	`10`
`kustomizeController.readinessProbe.timeoutSeconds`	Timeout seconds for readinessProbe	`5`
`kustomizeController.readinessProbe.failureThreshold`	Failure threshold for readinessProbe	`5`
`kustomizeController.readinessProbe.successThreshold`	Success threshold for readinessProbe	`1`
`kustomizeController.startupProbe.enabled`	Enable startupProbe on Kustomize Controller containers	`false`
`kustomizeController.startupProbe.initialDelaySeconds`	Initial delay seconds for startupProbe	`5`
`kustomizeController.startupProbe.periodSeconds`	Period seconds for startupProbe	`10`
`kustomizeController.startupProbe.timeoutSeconds`	Timeout seconds for startupProbe	`5`
`kustomizeController.startupProbe.failureThreshold`	Failure threshold for startupProbe	`5`
`kustomizeController.startupProbe.successThreshold`	Success threshold for startupProbe	`1`
`kustomizeController.customLivenessProbe`	Custom livenessProbe that overrides the default one	`{}`
`kustomizeController.customReadinessProbe`	Custom readinessProbe that overrides the default one	`{}`
`kustomizeController.customStartupProbe`	Custom startupProbe that overrides the default one	`{}`
`kustomizeController.resourcesPreset`	Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if kustomizeController.resources is set (kustomizeController.resources is recommended for production).	`nano`
`kustomizeController.resources`	Set container requests and limits for different resources like CPU or memory (essential for production workloads)	`{}`
`kustomizeController.podSecurityContext.enabled`	Enabled Kustomize Controller pods’ Security Context	`true`
`kustomizeController.podSecurityContext.fsGroupChangePolicy`	Set filesystem group change policy	`Always`
`kustomizeController.podSecurityContext.sysctls`	Set kernel settings using the sysctl interface	`[]`
`kustomizeController.podSecurityContext.supplementalGroups`	Set filesystem extra groups	`[]`
`kustomizeController.podSecurityContext.fsGroup`	Set Kustomize Controller pod’s Security Context fsGroup	`1001`
`kustomizeController.containerSecurityContext.enabled`	Enabled Kustomize Controller containers’ Security Context	`true`
`kustomizeController.containerSecurityContext.seLinuxOptions`	Set SELinux options in container	`{}`
`kustomizeController.containerSecurityContext.runAsUser`	Set containers’ Security Context runAsUser	`1001`
`kustomizeController.containerSecurityContext.runAsGroup`	Set containers’ Security Context runAsGroup	`1001`
`kustomizeController.containerSecurityContext.runAsNonRoot`	Set Kustomize Controller containers’ Security Context runAsNonRoot	`true`
`kustomizeController.containerSecurityContext.privileged`	Set Kustomize Controller containers’ Security Context privileged	`false`
`kustomizeController.containerSecurityContext.readOnlyRootFilesystem`	Set Kustomize Controller containers’ Security Context runAsNonRoot	`true`
`kustomizeController.containerSecurityContext.allowPrivilegeEscalation`	Set Kustomize Controller container’s privilege escalation	`false`
`kustomizeController.containerSecurityContext.capabilities.drop`	Set Kustomize Controller container’s Security Context runAsNonRoot	`["ALL"]`
`kustomizeController.containerSecurityContext.seccompProfile.type`	Set Kustomize Controller container’s Security Context seccomp profile	`RuntimeDefault`
`kustomizeController.command`	Override default container command (useful when using custom images)	`[]`
`kustomizeController.args`	Override default container args (useful when using custom images)	`[]`
`kustomizeController.automountServiceAccountToken`	Mount Service Account token in pod	`true`
`kustomizeController.hostAliases`	Kustomize Controller pods host aliases	`[]`
`kustomizeController.podLabels`	Extra labels for Kustomize Controller pods	`{}`
`kustomizeController.podAnnotations`	Annotations for Kustomize Controller pods	`{}`
`kustomizeController.podAffinityPreset`	Pod affinity preset. Ignored if `kustomizeController.affinity` is set. Allowed values: `soft` or `hard`	`""`
`kustomizeController.podAntiAffinityPreset`	Pod anti-affinity preset. Ignored if `kustomizeController.affinity` is set. Allowed values: `soft` or `hard`	`soft`
`kustomizeController.pdb.create`	Enable/disable a Pod Disruption Budget creation	`true`
`kustomizeController.pdb.minAvailable`	Minimum number/percentage of pods that should remain scheduled	`""`
`kustomizeController.pdb.maxUnavailable`	Maximum number/percentage of pods that may be made unavailable	`""`
`kustomizeController.autoscaling.enabled`	Enable autoscaling for kustomizeController	`false`
`kustomizeController.autoscaling.minReplicas`	Minimum number of kustomizeController replicas	`""`
`kustomizeController.autoscaling.maxReplicas`	Maximum number of kustomizeController replicas	`""`
`kustomizeController.autoscaling.targetCPU`	Target CPU utilization percentage	`""`
`kustomizeController.autoscaling.targetMemory`	Target Memory utilization percentage	`""`
`kustomizeController.nodeAffinityPreset.type`	Node affinity preset type. Ignored if `kustomizeController.affinity` is set. Allowed values: `soft` or `hard`	`""`
`kustomizeController.nodeAffinityPreset.key`	Node label key to match. Ignored if `kustomizeController.affinity` is set	`""`
`kustomizeController.nodeAffinityPreset.values`	Node label values to match. Ignored if `kustomizeController.affinity` is set	`[]`
`kustomizeController.affinity`	Affinity for Kustomize Controller pods assignment	`{}`
`kustomizeController.nodeSelector`	Node labels for Kustomize Controller pods assignment	`{}`
`kustomizeController.tolerations`	Tolerations for Kustomize Controller pods assignment	`[]`
`kustomizeController.updateStrategy.type`	Kustomize Controller statefulset strategy type	`RollingUpdate`
`kustomizeController.priorityClassName`	Kustomize Controller pods’ priorityClassName	`""`
`kustomizeController.topologySpreadConstraints`	Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template	`[]`
`kustomizeController.schedulerName`	Name of the k8s scheduler (other than default) for Kustomize Controller pods	`""`
`kustomizeController.terminationGracePeriodSeconds`	Seconds Redmine pod needs to terminate gracefully	`""`
`kustomizeController.lifecycleHooks`	for the Kustomize Controller container(s) to automate configuration before or after startup	`{}`
`kustomizeController.extraEnvVars`	Array with extra environment variables to add to Kustomize Controller nodes	`[]`
`kustomizeController.extraEnvVarsCM`	Name of existing ConfigMap containing extra env vars for Kustomize Controller nodes	`""`
`kustomizeController.extraEnvVarsSecret`	Name of existing Secret containing extra env vars for Kustomize Controller nodes	`""`
`kustomizeController.extraVolumes`	Optionally specify extra list of additional volumes for the Kustomize Controller pod(s)	`[]`
`kustomizeController.extraVolumeMounts`	Optionally specify extra list of additional volumeMounts for the Kustomize Controller container(s)	`[]`
`kustomizeController.sidecars`	Add additional sidecar containers to the Kustomize Controller pod(s)	`[]`
`kustomizeController.initContainers`	Add additional init containers to the Kustomize Controller pod(s)	`[]`

Kustomize Controller RBAC Parameters

Name	Description	Value
`kustomizeController.rbac.create`	Specifies whether RBAC resources should be created	`true`
`kustomizeController.rbac.rules`	Custom RBAC rules to set	`[]`
`kustomizeController.serviceAccount.create`	Specifies whether a ServiceAccount should be created	`true`
`kustomizeController.serviceAccount.name`	The name of the ServiceAccount to use.	`""`
`kustomizeController.serviceAccount.annotations`	Additional Service Account annotations (evaluated as a template)	`{}`
`kustomizeController.serviceAccount.automountServiceAccountToken`	Automount service account token for the server service account	`false`

Kustomize Controller Metrics Parameters

Name	Description	Value
`kustomizeController.metrics.enabled`	Enable the export of Prometheus metrics	`true`
`kustomizeController.metrics.service.type`	Kustomize Controller service type	`ClusterIP`
`kustomizeController.metrics.service.ports.metrics`	Kustomize Controller service metrics port	`80`
`kustomizeController.metrics.service.nodePorts.metrics`	Node port for HTTP	`""`
`kustomizeController.metrics.service.clusterIP`	Kustomize Controller service Cluster IP	`""`
`kustomizeController.metrics.service.loadBalancerIP`	Kustomize Controller service Load Balancer IP	`""`
`kustomizeController.metrics.service.loadBalancerSourceRanges`	Kustomize Controller service Load Balancer sources	`[]`
`kustomizeController.metrics.service.externalTrafficPolicy`	Kustomize Controller service external traffic policy	`Cluster`
`kustomizeController.metrics.service.annotations`	Additional custom annotations for Kustomize Controller service	`{}`
`kustomizeController.metrics.service.extraPorts`	Extra ports to expose in Kustomize Controller service (normally used with the `sidecars` value)	`[]`
`kustomizeController.metrics.service.sessionAffinity`	Control where client requests go, to the same pod or round-robin	`None`
`kustomizeController.metrics.service.sessionAffinityConfig`	Additional settings for the sessionAffinity	`{}`
`kustomizeController.metrics.serviceMonitor.enabled`	if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)	`false`
`kustomizeController.metrics.serviceMonitor.namespace`	Namespace in which Prometheus is running	`""`
`kustomizeController.metrics.serviceMonitor.annotations`	Additional custom annotations for the ServiceMonitor	`{}`
`kustomizeController.metrics.serviceMonitor.labels`	Extra labels for the ServiceMonitor	`{}`
`kustomizeController.metrics.serviceMonitor.jobLabel`	The name of the label on the target service to use as the job name in Prometheus	`""`
`kustomizeController.metrics.serviceMonitor.honorLabels`	honorLabels chooses the metric’s labels on collisions with target labels	`false`
`kustomizeController.metrics.serviceMonitor.interval`	Interval at which metrics should be scraped.	`""`
`kustomizeController.metrics.serviceMonitor.scrapeTimeout`	Timeout after which the scrape is ended	`""`
`kustomizeController.metrics.serviceMonitor.metricRelabelings`	Specify additional relabeling of metrics	`[]`
`kustomizeController.metrics.serviceMonitor.relabelings`	Specify general relabeling	`[]`
`kustomizeController.metrics.serviceMonitor.selector`	Prometheus instance selector labels	`{}`

Helm Controller Parameters

Name	Description	Value
`helmController.enabled`	Enable Helm Controller	`true`
`helmController.installCRDs`	Flag to install Helm Controller CRDs	`true`
`helmController.watchAllNamespaces`	Watch for custom resources in all namespaces	`true`
`helmController.image.registry`	Helm Controller image registry	`REGISTRY_NAME`
`helmController.image.repository`	Helm Controller image repository	`REPOSITORY_NAME/fluxcd-helm-controller`
`helmController.image.digest`	Helm Controller image digest in the way sha256:aa…. Please note this parameter, if set, will override the tag image tag (immutable tags are recommended)	`""`
`helmController.image.pullPolicy`	Helm Controller image pull policy	`IfNotPresent`
`helmController.image.pullSecrets`	Helm Controller image pull secrets	`[]`
`helmController.image.debug`	Enable Helm Controller image debug mode	`false`
`helmController.replicaCount`	Number of Helm Controller replicas to deploy	`1`
`helmController.containerPorts.metrics`	Helm Controller metrics container port	`8080`
`helmController.containerPorts.health`	Helm Controller health container port	`9440`
`helmController.networkPolicy.enabled`	Specifies whether a NetworkPolicy should be created	`true`
`helmController.networkPolicy.allowExternal`	Don’t require server label for connections	`true`
`helmController.networkPolicy.allowExternalEgress`	Allow the pod to access any range of port and all destinations.	`true`
`helmController.networkPolicy.kubeAPIServerPorts`	List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security)	`[]`
`helmController.networkPolicy.extraIngress`	Add extra ingress rules to the NetworkPolicy	`[]`
`helmController.networkPolicy.extraEgress`	Add extra ingress rules to the NetworkPolicy	`[]`
`helmController.networkPolicy.ingressNSMatchLabels`	Labels to match to allow traffic from other namespaces	`{}`
`helmController.networkPolicy.ingressNSPodMatchLabels`	Pod labels to match to allow traffic from other namespaces	`{}`
`helmController.livenessProbe.enabled`	Enable livenessProbe on Helm Controller containers	`true`
`helmController.livenessProbe.initialDelaySeconds`	Initial delay seconds for livenessProbe	`5`
`helmController.livenessProbe.periodSeconds`	Period seconds for livenessProbe	`10`
`helmController.livenessProbe.timeoutSeconds`	Timeout seconds for livenessProbe	`5`
`helmController.livenessProbe.failureThreshold`	Failure threshold for livenessProbe	`5`
`helmController.livenessProbe.successThreshold`	Success threshold for livenessProbe	`1`
`helmController.readinessProbe.enabled`	Enable readinessProbe on Helm Controller containers	`true`
`helmController.readinessProbe.initialDelaySeconds`	Initial delay seconds for readinessProbe	`5`
`helmController.readinessProbe.periodSeconds`	Period seconds for readinessProbe	`10`
`helmController.readinessProbe.timeoutSeconds`	Timeout seconds for readinessProbe	`5`
`helmController.readinessProbe.failureThreshold`	Failure threshold for readinessProbe	`5`
`helmController.readinessProbe.successThreshold`	Success threshold for readinessProbe	`1`
`helmController.startupProbe.enabled`	Enable startupProbe on Helm Controller containers	`false`
`helmController.startupProbe.initialDelaySeconds`	Initial delay seconds for startupProbe	`5`
`helmController.startupProbe.periodSeconds`	Period seconds for startupProbe	`10`
`helmController.startupProbe.timeoutSeconds`	Timeout seconds for startupProbe	`5`
`helmController.startupProbe.failureThreshold`	Failure threshold for startupProbe	`5`
`helmController.startupProbe.successThreshold`	Success threshold for startupProbe	`1`
`helmController.customLivenessProbe`	Custom livenessProbe that overrides the default one	`{}`
`helmController.customReadinessProbe`	Custom readinessProbe that overrides the default one	`{}`
`helmController.customStartupProbe`	Custom startupProbe that overrides the default one	`{}`
`helmController.resourcesPreset`	Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if helmController.resources is set (helmController.resources is recommended for production).	`nano`
`helmController.resources`	Set container requests and limits for different resources like CPU or memory (essential for production workloads)	`{}`
`helmController.podSecurityContext.enabled`	Enabled Helm Controller pods’ Security Context	`true`
`helmController.podSecurityContext.fsGroupChangePolicy`	Set filesystem group change policy	`Always`
`helmController.podSecurityContext.sysctls`	Set kernel settings using the sysctl interface	`[]`
`helmController.podSecurityContext.supplementalGroups`	Set filesystem extra groups	`[]`
`helmController.podSecurityContext.fsGroup`	Set Helm Controller pod’s Security Context fsGroup	`1001`
`helmController.containerSecurityContext.enabled`	Enabled Helm Controller containers’ Security Context	`true`
`helmController.containerSecurityContext.seLinuxOptions`	Set SELinux options in container	`{}`
`helmController.containerSecurityContext.runAsUser`	Set containers’ Security Context runAsUser	`1001`
`helmController.containerSecurityContext.runAsGroup`	Set containers’ Security Context runAsGroup	`1001`
`helmController.containerSecurityContext.runAsNonRoot`	Set Helm Controller containers’ Security Context runAsNonRoot	`true`
`helmController.containerSecurityContext.privileged`	Set Helm Controller containers’ Security Context privileged	`false`
`helmController.containerSecurityContext.readOnlyRootFilesystem`	Set Helm Controller containers’ Security Context runAsNonRoot	`true`
`helmController.containerSecurityContext.allowPrivilegeEscalation`	Set Helm Controller container’s privilege escalation	`false`
`helmController.containerSecurityContext.capabilities.drop`	Set Helm Controller container’s Security Context runAsNonRoot	`["ALL"]`
`helmController.containerSecurityContext.seccompProfile.type`	Set Helm Controller container’s Security Context seccomp profile	`RuntimeDefault`
`helmController.command`	Override default container command (useful when using custom images)	`[]`
`helmController.args`	Override default container args (useful when using custom images)	`[]`
`helmController.automountServiceAccountToken`	Mount Service Account token in pod	`true`
`helmController.hostAliases`	Helm Controller pods host aliases	`[]`
`helmController.podLabels`	Extra labels for Helm Controller pods	`{}`
`helmController.podAnnotations`	Annotations for Helm Controller pods	`{}`
`helmController.podAffinityPreset`	Pod affinity preset. Ignored if `helmController.affinity` is set. Allowed values: `soft` or `hard`	`""`
`helmController.podAntiAffinityPreset`	Pod anti-affinity preset. Ignored if `helmController.affinity` is set. Allowed values: `soft` or `hard`	`soft`
`helmController.pdb.create`	Enable/disable a Pod Disruption Budget creation	`true`
`helmController.pdb.minAvailable`	Minimum number/percentage of pods that should remain scheduled	`""`
`helmController.pdb.maxUnavailable`	Maximum number/percentage of pods that may be made unavailable	`""`
`helmController.autoscaling.enabled`	Enable autoscaling for helmController	`false`
`helmController.autoscaling.minReplicas`	Minimum number of helmController replicas	`""`
`helmController.autoscaling.maxReplicas`	Maximum number of helmController replicas	`""`
`helmController.autoscaling.targetCPU`	Target CPU utilization percentage	`""`
`helmController.autoscaling.targetMemory`	Target Memory utilization percentage	`""`
`helmController.nodeAffinityPreset.type`	Node affinity preset type. Ignored if `helmController.affinity` is set. Allowed values: `soft` or `hard`	`""`
`helmController.nodeAffinityPreset.key`	Node label key to match. Ignored if `helmController.affinity` is set	`""`
`helmController.nodeAffinityPreset.values`	Node label values to match. Ignored if `helmController.affinity` is set	`[]`
`helmController.affinity`	Affinity for Helm Controller pods assignment	`{}`
`helmController.nodeSelector`	Node labels for Helm Controller pods assignment	`{}`
`helmController.tolerations`	Tolerations for Helm Controller pods assignment	`[]`
`helmController.updateStrategy.type`	Helm Controller statefulset strategy type	`RollingUpdate`
`helmController.priorityClassName`	Helm Controller pods’ priorityClassName	`""`
`helmController.topologySpreadConstraints`	Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template	`[]`
`helmController.schedulerName`	Name of the k8s scheduler (other than default) for Helm Controller pods	`""`
`helmController.terminationGracePeriodSeconds`	Seconds Redmine pod needs to terminate gracefully	`""`
`helmController.lifecycleHooks`	for the Helm Controller container(s) to automate configuration before or after startup	`{}`
`helmController.extraEnvVars`	Array with extra environment variables to add to Helm Controller nodes	`[]`
`helmController.extraEnvVarsCM`	Name of existing ConfigMap containing extra env vars for Helm Controller nodes	`""`
`helmController.extraEnvVarsSecret`	Name of existing Secret containing extra env vars for Helm Controller nodes	`""`
`helmController.extraVolumes`	Optionally specify extra list of additional volumes for the Helm Controller pod(s)	`[]`
`helmController.extraVolumeMounts`	Optionally specify extra list of additional volumeMounts for the Helm Controller container(s)	`[]`
`helmController.sidecars`	Add additional sidecar containers to the Helm Controller pod(s)	`[]`
`helmController.initContainers`	Add additional init containers to the Helm Controller pod(s)	`[]`

Helm Controller RBAC Parameters

Name	Description	Value
`helmController.rbac.create`	Specifies whether RBAC resources should be created	`true`
`helmController.rbac.rules`	Custom RBAC rules to set	`[]`
`helmController.serviceAccount.create`	Specifies whether a ServiceAccount should be created	`true`
`helmController.serviceAccount.name`	The name of the ServiceAccount to use.	`""`
`helmController.serviceAccount.annotations`	Additional Service Account annotations (evaluated as a template)	`{}`
`helmController.serviceAccount.automountServiceAccountToken`	Automount service account token for the server service account	`false`

Helm Controller Metrics Parameters

Name	Description	Value
`helmController.metrics.enabled`	Enable the export of Prometheus metrics	`true`
`helmController.metrics.service.type`	Helm Controller service type	`ClusterIP`
`helmController.metrics.service.ports.metrics`	Helm Controller service metrics port	`80`
`helmController.metrics.service.nodePorts.metrics`	Node port for HTTP	`""`
`helmController.metrics.service.clusterIP`	Helm Controller service Cluster IP	`""`
`helmController.metrics.service.loadBalancerIP`	Helm Controller service Load Balancer IP	`""`
`helmController.metrics.service.loadBalancerSourceRanges`	Helm Controller service Load Balancer sources	`[]`
`helmController.metrics.service.externalTrafficPolicy`	Helm Controller service external traffic policy	`Cluster`
`helmController.metrics.service.annotations`	Additional custom annotations for Helm Controller service	`{}`
`helmController.metrics.service.extraPorts`	Extra ports to expose in Helm Controller service (normally used with the `sidecars` value)	`[]`
`helmController.metrics.service.sessionAffinity`	Control where client requests go, to the same pod or round-robin	`None`
`helmController.metrics.service.sessionAffinityConfig`	Additional settings for the sessionAffinity	`{}`
`helmController.metrics.serviceMonitor.enabled`	if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)	`false`
`helmController.metrics.serviceMonitor.namespace`	Namespace in which Prometheus is running	`""`
`helmController.metrics.serviceMonitor.annotations`	Additional custom annotations for the ServiceMonitor	`{}`
`helmController.metrics.serviceMonitor.labels`	Extra labels for the ServiceMonitor	`{}`
`helmController.metrics.serviceMonitor.jobLabel`	The name of the label on the target service to use as the job name in Prometheus	`""`
`helmController.metrics.serviceMonitor.honorLabels`	honorLabels chooses the metric’s labels on collisions with target labels	`false`
`helmController.metrics.serviceMonitor.interval`	Interval at which metrics should be scraped.	`""`
`helmController.metrics.serviceMonitor.scrapeTimeout`	Timeout after which the scrape is ended	`""`
`helmController.metrics.serviceMonitor.metricRelabelings`	Specify additional relabeling of metrics	`[]`
`helmController.metrics.serviceMonitor.relabelings`	Specify general relabeling	`[]`
`helmController.metrics.serviceMonitor.selector`	Prometheus instance selector labels	`{}`

Source Controller Parameters

Name	Description	Value
`sourceController.enabled`	Enable Source Controller	`true`
`sourceController.installCRDs`	Flag to install Source Controller CRDs	`true`
`sourceController.watchAllNamespaces`	Watch for custom resources in all namespaces	`true`
`sourceController.image.registry`	Source Controller image registry	`REGISTRY_NAME`
`sourceController.image.repository`	Source Controller image repository	`REPOSITORY_NAME/fluxcd-source-controller`
`sourceController.image.digest`	Source Controller image digest in the way sha256:aa…. Please note this parameter, if set, will override the tag image tag (immutable tags are recommended)	`""`
`sourceController.image.pullPolicy`	Source Controller image pull policy	`IfNotPresent`
`sourceController.image.pullSecrets`	Source Controller image pull secrets	`[]`
`sourceController.image.debug`	Enable Source Controller image debug mode	`false`
`sourceController.replicaCount`	Number of Source Controller replicas to deploy	`1`
`sourceController.containerPorts.http`	Source Controller http container port	`9090`
`sourceController.containerPorts.metrics`	Source Controller metrics container port	`8080`
`sourceController.containerPorts.health`	Source Controller health container port	`9440`
`sourceController.networkPolicy.enabled`	Specifies whether a NetworkPolicy should be created	`true`
`sourceController.networkPolicy.allowExternal`	Don’t require server label for connections	`true`
`sourceController.networkPolicy.allowExternalEgress`	Allow the pod to access any range of port and all destinations.	`true`
`sourceController.networkPolicy.kubeAPIServerPorts`	List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security)	`[]`
`sourceController.networkPolicy.extraIngress`	Add extra ingress rules to the NetworkPolicy	`[]`
`sourceController.networkPolicy.extraEgress`	Add extra ingress rules to the NetworkPolicy	`[]`
`sourceController.networkPolicy.ingressNSMatchLabels`	Labels to match to allow traffic from other namespaces	`{}`
`sourceController.networkPolicy.ingressNSPodMatchLabels`	Pod labels to match to allow traffic from other namespaces	`{}`
`sourceController.livenessProbe.enabled`	Enable livenessProbe on Source Controller containers	`true`
`sourceController.livenessProbe.initialDelaySeconds`	Initial delay seconds for livenessProbe	`5`
`sourceController.livenessProbe.periodSeconds`	Period seconds for livenessProbe	`10`
`sourceController.livenessProbe.timeoutSeconds`	Timeout seconds for livenessProbe	`5`
`sourceController.livenessProbe.failureThreshold`	Failure threshold for livenessProbe	`5`
`sourceController.livenessProbe.successThreshold`	Success threshold for livenessProbe	`1`
`sourceController.readinessProbe.enabled`	Enable readinessProbe on Source Controller containers	`true`
`sourceController.readinessProbe.initialDelaySeconds`	Initial delay seconds for readinessProbe	`5`
`sourceController.readinessProbe.periodSeconds`	Period seconds for readinessProbe	`10`
`sourceController.readinessProbe.timeoutSeconds`	Timeout seconds for readinessProbe	`5`
`sourceController.readinessProbe.failureThreshold`	Failure threshold for readinessProbe	`5`
`sourceController.readinessProbe.successThreshold`	Success threshold for readinessProbe	`1`
`sourceController.startupProbe.enabled`	Enable startupProbe on Source Controller containers	`false`
`sourceController.startupProbe.initialDelaySeconds`	Initial delay seconds for startupProbe	`5`
`sourceController.startupProbe.periodSeconds`	Period seconds for startupProbe	`10`
`sourceController.startupProbe.timeoutSeconds`	Timeout seconds for startupProbe	`5`
`sourceController.startupProbe.failureThreshold`	Failure threshold for startupProbe	`5`
`sourceController.startupProbe.successThreshold`	Success threshold for startupProbe	`1`
`sourceController.customLivenessProbe`	Custom livenessProbe that overrides the default one	`{}`
`sourceController.customReadinessProbe`	Custom readinessProbe that overrides the default one	`{}`
`sourceController.customStartupProbe`	Custom startupProbe that overrides the default one	`{}`
`sourceController.resourcesPreset`	Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if sourceController.resources is set (sourceController.resources is recommended for production).	`nano`
`sourceController.resources`	Set container requests and limits for different resources like CPU or memory (essential for production workloads)	`{}`
`sourceController.podSecurityContext.enabled`	Enabled Source Controller pods’ Security Context	`true`
`sourceController.podSecurityContext.fsGroupChangePolicy`	Set filesystem group change policy	`Always`
`sourceController.podSecurityContext.sysctls`	Set kernel settings using the sysctl interface	`[]`
`sourceController.podSecurityContext.supplementalGroups`	Set filesystem extra groups	`[]`
`sourceController.podSecurityContext.fsGroup`	Set Source Controller pod’s Security Context fsGroup	`1001`
`sourceController.containerSecurityContext.enabled`	Enabled Source Controller containers’ Security Context	`true`
`sourceController.containerSecurityContext.seLinuxOptions`	Set SELinux options in container	`{}`
`sourceController.containerSecurityContext.runAsUser`	Set containers’ Security Context runAsUser	`1001`
`sourceController.containerSecurityContext.runAsGroup`	Set containers’ Security Context runAsGroup	`1001`
`sourceController.containerSecurityContext.runAsNonRoot`	Set Source Controller containers’ Security Context runAsNonRoot	`true`
`sourceController.containerSecurityContext.privileged`	Set Source Controller containers’ Security Context privileged	`false`
`sourceController.containerSecurityContext.readOnlyRootFilesystem`	Set Source Controller containers’ Security Context runAsNonRoot	`true`
`sourceController.containerSecurityContext.allowPrivilegeEscalation`	Set Source Controller container’s privilege escalation	`false`
`sourceController.containerSecurityContext.capabilities.drop`	Set Source Controller container’s Security Context runAsNonRoot	`["ALL"]`
`sourceController.containerSecurityContext.seccompProfile.type`	Set Source Controller container’s Security Context seccomp profile	`RuntimeDefault`
`sourceController.command`	Override default container command (useful when using custom images)	`[]`
`sourceController.args`	Override default container args (useful when using custom images)	`[]`
`sourceController.automountServiceAccountToken`	Mount Service Account token in pod	`true`
`sourceController.hostAliases`	Source Controller pods host aliases	`[]`
`sourceController.podLabels`	Extra labels for Source Controller pods	`{}`
`sourceController.podAnnotations`	Annotations for Source Controller pods	`{}`
`sourceController.podAffinityPreset`	Pod affinity preset. Ignored if `sourceController.affinity` is set. Allowed values: `soft` or `hard`	`""`
`sourceController.podAntiAffinityPreset`	Pod anti-affinity preset. Ignored if `sourceController.affinity` is set. Allowed values: `soft` or `hard`	`soft`
`sourceController.pdb.create`	Enable/disable a Pod Disruption Budget creation	`true`
`sourceController.pdb.minAvailable`	Minimum number/percentage of pods that should remain scheduled	`""`
`sourceController.pdb.maxUnavailable`	Maximum number/percentage of pods that may be made unavailable	`""`
`sourceController.autoscaling.enabled`	Enable autoscaling for sourceController	`false`
`sourceController.autoscaling.minReplicas`	Minimum number of sourceController replicas	`""`
`sourceController.autoscaling.maxReplicas`	Maximum number of sourceController replicas	`""`
`sourceController.autoscaling.targetCPU`	Target CPU utilization percentage	`""`
`sourceController.autoscaling.targetMemory`	Target Memory utilization percentage	`""`
`sourceController.nodeAffinityPreset.type`	Node affinity preset type. Ignored if `sourceController.affinity` is set. Allowed values: `soft` or `hard`	`""`
`sourceController.nodeAffinityPreset.key`	Node label key to match. Ignored if `sourceController.affinity` is set	`""`
`sourceController.nodeAffinityPreset.values`	Node label values to match. Ignored if `sourceController.affinity` is set	`[]`
`sourceController.affinity`	Affinity for Source Controller pods assignment	`{}`
`sourceController.nodeSelector`	Node labels for Source Controller pods assignment	`{}`
`sourceController.tolerations`	Tolerations for Source Controller pods assignment	`[]`
`sourceController.updateStrategy.type`	Source Controller statefulset strategy type	`RollingUpdate`
`sourceController.priorityClassName`	Source Controller pods’ priorityClassName	`""`
`sourceController.topologySpreadConstraints`	Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template	`[]`
`sourceController.schedulerName`	Name of the k8s scheduler (other than default) for Source Controller pods	`""`
`sourceController.terminationGracePeriodSeconds`	Seconds Redmine pod needs to terminate gracefully	`""`
`sourceController.lifecycleHooks`	for the Source Controller container(s) to automate configuration before or after startup	`{}`
`sourceController.extraEnvVars`	Array with extra environment variables to add to Source Controller nodes	`[]`
`sourceController.extraEnvVarsCM`	Name of existing ConfigMap containing extra env vars for Source Controller nodes	`""`
`sourceController.extraEnvVarsSecret`	Name of existing Secret containing extra env vars for Source Controller nodes	`""`
`sourceController.extraVolumes`	Optionally specify extra list of additional volumes for the Source Controller pod(s)	`[]`
`sourceController.extraVolumeMounts`	Optionally specify extra list of additional volumeMounts for the Source Controller container(s)	`[]`
`sourceController.sidecars`	Add additional sidecar containers to the Source Controller pod(s)	`[]`
`sourceController.initContainers`	Add additional init containers to the Source Controller pod(s)	`[]`

Source Controller service parameters

Name	Description	Value
`sourceController.service.type`	Source Controller service type	`ClusterIP`
`sourceController.service.ports.http`	Source Controller service metrics port	`80`
`sourceController.service.nodePorts.http`	Node port for HTTP	`""`
`sourceController.service.clusterIP`	Source Controller service Cluster IP	`""`
`sourceController.service.loadBalancerIP`	Source Controller service Load Balancer IP	`""`
`sourceController.service.loadBalancerSourceRanges`	Source Controller service Load Balancer sources	`[]`
`sourceController.service.externalTrafficPolicy`	Source Controller service external traffic policy	`Cluster`
`sourceController.service.annotations`	Additional custom annotations for Source Controller service	`{}`
`sourceController.service.extraPorts`	Extra ports to expose in Source Controller service (normally used with the `sidecars` value)	`[]`
`sourceController.service.sessionAffinity`	Control where client requests go, to the same pod or round-robin	`None`
`sourceController.service.sessionAffinityConfig`	Additional settings for the sessionAffinity	`{}`

Source Conttroller Persistence Parameters

Name	Description	Value
`sourceController.persistence.enabled`	Enable persistence using Persistent Volume Claims	`false`
`sourceController.persistence.resourcePolicy`	Setting it to “keep” to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted	`""`
`sourceController.persistence.mountPath`	Persistent Volume mount root path	`/bitnami/fluxcd-source-controller/data`
`sourceController.persistence.storageClass`	Persistent Volume storage class	`""`
`sourceController.persistence.accessModes`	Persistent Volume access modes	`[]`
`sourceController.persistence.size`	Persistent Volume size	`10Gi`
`sourceController.persistence.dataSource`	Custom PVC data source	`{}`
`sourceController.persistence.annotations`	Annotations for the PVC	`{}`
`sourceController.persistence.selector`	Selector to match an existing Persistent Volume (this value is evaluated as a template)	`{}`
`sourceController.persistence.existingClaim`	The name of an existing PVC to use for persistence	`""`

Source Controller RBAC Parameters

Name	Description	Value
`sourceController.rbac.create`	Specifies whether RBAC resources should be created	`true`
`sourceController.rbac.rules`	Custom RBAC rules to set	`[]`
`sourceController.serviceAccount.create`	Specifies whether a ServiceAccount should be created	`true`
`sourceController.serviceAccount.name`	The name of the ServiceAccount to use.	`""`
`sourceController.serviceAccount.annotations`	Additional Service Account annotations (evaluated as a template)	`{}`
`sourceController.serviceAccount.automountServiceAccountToken`	Automount service account token for the server service account	`false`

Source Controller Metrics Parameters

Name	Description	Value
`sourceController.metrics.enabled`	Enable the export of Prometheus metrics	`true`
`sourceController.metrics.service.type`	Source Controller service type	`ClusterIP`
`sourceController.metrics.service.ports.metrics`	Source Controller service metrics port	`80`
`sourceController.metrics.service.nodePorts.metrics`	Node port for HTTP	`""`
`sourceController.metrics.service.clusterIP`	Source Controller service Cluster IP	`""`
`sourceController.metrics.service.loadBalancerIP`	Source Controller service Load Balancer IP	`""`
`sourceController.metrics.service.loadBalancerSourceRanges`	Source Controller service Load Balancer sources	`[]`
`sourceController.metrics.service.externalTrafficPolicy`	Source Controller service external traffic policy	`Cluster`
`sourceController.metrics.service.annotations`	Additional custom annotations for Source Controller service	`{}`
`sourceController.metrics.service.extraPorts`	Extra ports to expose in Source Controller service (normally used with the `sidecars` value)	`[]`
`sourceController.metrics.service.sessionAffinity`	Control where client requests go, to the same pod or round-robin	`None`
`sourceController.metrics.service.sessionAffinityConfig`	Additional settings for the sessionAffinity	`{}`
`sourceController.metrics.serviceMonitor.enabled`	if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)	`false`
`sourceController.metrics.serviceMonitor.namespace`	Namespace in which Prometheus is running	`""`
`sourceController.metrics.serviceMonitor.annotations`	Additional custom annotations for the ServiceMonitor	`{}`
`sourceController.metrics.serviceMonitor.labels`	Extra labels for the ServiceMonitor	`{}`
`sourceController.metrics.serviceMonitor.jobLabel`	The name of the label on the target service to use as the job name in Prometheus	`""`
`sourceController.metrics.serviceMonitor.honorLabels`	honorLabels chooses the metric’s labels on collisions with target labels	`false`
`sourceController.metrics.serviceMonitor.interval`	Interval at which metrics should be scraped.	`""`
`sourceController.metrics.serviceMonitor.scrapeTimeout`	Timeout after which the scrape is ended	`""`
`sourceController.metrics.serviceMonitor.metricRelabelings`	Specify additional relabeling of metrics	`[]`
`sourceController.metrics.serviceMonitor.relabelings`	Specify general relabeling	`[]`
`sourceController.metrics.serviceMonitor.selector`	Prometheus instance selector labels	`{}`

Notification Controller Parameters

Name	Description	Value
`notificationController.enabled`	Enable Notification Controller	`true`
`notificationController.installCRDs`	Flag to install Notification Controller CRDs	`true`
`notificationController.watchAllNamespaces`	Watch for custom resources in all namespaces	`true`
`notificationController.image.registry`	Notification Controller image registry	`REGISTRY_NAME`
`notificationController.image.repository`	Notification Controller image repository	`REPOSITORY_NAME/fluxcd-notification-controller`
`notificationController.image.digest`	Notification Controller image digest in the way sha256:aa…. Please note this parameter, if set, will override the tag image tag (immutable tags are recommended)	`""`
`notificationController.image.pullPolicy`	Notification Controller image pull policy	`IfNotPresent`
`notificationController.image.pullSecrets`	Notification Controller image pull secrets	`[]`
`notificationController.image.debug`	Enable Notification Controller image debug mode	`false`
`notificationController.replicaCount`	Number of Notification Controller replicas to deploy	`1`
`notificationController.containerPorts.metrics`	Notification Controller metrics container port	`8080`
`notificationController.containerPorts.receiver`	Notification Controller receiver container port	`9090`
`notificationController.containerPorts.health`	Notification Controller health container port	`9440`
`notificationController.containerPorts.webhook`	Notification Controller webhook container port	`9292`
`notificationController.networkPolicy.enabled`	Specifies whether a NetworkPolicy should be created	`true`
`notificationController.networkPolicy.allowExternal`	Don’t require server label for connections	`true`
`notificationController.networkPolicy.allowExternalEgress`	Allow the pod to access any range of port and all destinations.	`true`
`notificationController.networkPolicy.kubeAPIServerPorts`	List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security)	`[]`
`notificationController.networkPolicy.extraIngress`	Add extra ingress rules to the NetworkPolicy	`[]`
`notificationController.networkPolicy.extraEgress`	Add extra ingress rules to the NetworkPolicy	`[]`
`notificationController.networkPolicy.ingressNSMatchLabels`	Labels to match to allow traffic from other namespaces	`{}`
`notificationController.networkPolicy.ingressNSPodMatchLabels`	Pod labels to match to allow traffic from other namespaces	`{}`
`notificationController.livenessProbe.enabled`	Enable livenessProbe on Notification Controller containers	`true`
`notificationController.livenessProbe.initialDelaySeconds`	Initial delay seconds for livenessProbe	`5`
`notificationController.livenessProbe.periodSeconds`	Period seconds for livenessProbe	`10`
`notificationController.livenessProbe.timeoutSeconds`	Timeout seconds for livenessProbe	`5`
`notificationController.livenessProbe.failureThreshold`	Failure threshold for livenessProbe	`5`
`notificationController.livenessProbe.successThreshold`	Success threshold for livenessProbe	`1`
`notificationController.readinessProbe.enabled`	Enable readinessProbe on Notification Controller containers	`true`
`notificationController.readinessProbe.initialDelaySeconds`	Initial delay seconds for readinessProbe	`5`
`notificationController.readinessProbe.periodSeconds`	Period seconds for readinessProbe	`10`
`notificationController.readinessProbe.timeoutSeconds`	Timeout seconds for readinessProbe	`5`
`notificationController.readinessProbe.failureThreshold`	Failure threshold for readinessProbe	`5`
`notificationController.readinessProbe.successThreshold`	Success threshold for readinessProbe	`1`
`notificationController.startupProbe.enabled`	Enable startupProbe on Notification Controller containers	`false`
`notificationController.startupProbe.initialDelaySeconds`	Initial delay seconds for startupProbe	`5`
`notificationController.startupProbe.periodSeconds`	Period seconds for startupProbe	`10`
`notificationController.startupProbe.timeoutSeconds`	Timeout seconds for startupProbe	`5`
`notificationController.startupProbe.failureThreshold`	Failure threshold for startupProbe	`5`
`notificationController.startupProbe.successThreshold`	Success threshold for startupProbe	`1`
`notificationController.customLivenessProbe`	Custom livenessProbe that overrides the default one	`{}`
`notificationController.customReadinessProbe`	Custom readinessProbe that overrides the default one	`{}`
`notificationController.customStartupProbe`	Custom startupProbe that overrides the default one	`{}`
`notificationController.resourcesPreset`	Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if notificationController.resources is set (notificationController.resources is recommended for production).	`nano`
`notificationController.resources`	Set container requests and limits for different resources like CPU or memory (essential for production workloads)	`{}`
`notificationController.podSecurityContext.enabled`	Enabled Notification Controller pods’ Security Context	`true`
`notificationController.podSecurityContext.fsGroupChangePolicy`	Set filesystem group change policy	`Always`
`notificationController.podSecurityContext.sysctls`	Set kernel settings using the sysctl interface	`[]`
`notificationController.podSecurityContext.supplementalGroups`	Set filesystem extra groups	`[]`
`notificationController.podSecurityContext.fsGroup`	Set Notification Controller pod’s Security Context fsGroup	`1001`
`notificationController.containerSecurityContext.enabled`	Enabled Notification Controller containers’ Security Context	`true`
`notificationController.containerSecurityContext.seLinuxOptions`	Set SELinux options in container	`{}`
`notificationController.containerSecurityContext.runAsUser`	Set containers’ Security Context runAsUser	`1001`
`notificationController.containerSecurityContext.runAsGroup`	Set containers’ Security Context runAsGroup	`1001`
`notificationController.containerSecurityContext.runAsNonRoot`	Set Notification Controller containers’ Security Context runAsNonRoot	`true`
`notificationController.containerSecurityContext.readOnlyRootFilesystem`	Set Notification Controller containers’ Security Context runAsNonRoot	`true`
`notificationController.containerSecurityContext.privileged`	Set Notification Controller containers’ Security Context privileged	`false`
`notificationController.containerSecurityContext.allowPrivilegeEscalation`	Set Notification Controller container’s privilege escalation	`false`
`notificationController.containerSecurityContext.capabilities.drop`	Set Notification Controller container’s Security Context runAsNonRoot	`["ALL"]`
`notificationController.containerSecurityContext.seccompProfile.type`	Set Notification Controller container’s Security Context seccomp profile	`RuntimeDefault`
`notificationController.command`	Override default container command (useful when using custom images)	`[]`
`notificationController.args`	Override default container args (useful when using custom images)	`[]`
`notificationController.automountServiceAccountToken`	Mount Service Account token in pod	`true`
`notificationController.hostAliases`	Notification Controller pods host aliases	`[]`
`notificationController.podLabels`	Extra labels for Notification Controller pods	`{}`
`notificationController.podAnnotations`	Annotations for Notification Controller pods	`{}`
`notificationController.podAffinityPreset`	Pod affinity preset. Ignored if `notificationController.affinity` is set. Allowed values: `soft` or `hard`	`""`
`notificationController.podAntiAffinityPreset`	Pod anti-affinity preset. Ignored if `notificationController.affinity` is set. Allowed values: `soft` or `hard`	`soft`
`notificationController.pdb.create`	Enable/disable a Pod Disruption Budget creation	`true`
`notificationController.pdb.minAvailable`	Minimum number/percentage of pods that should remain scheduled	`""`
`notificationController.pdb.maxUnavailable`	Maximum number/percentage of pods that may be made unavailable	`""`
`notificationController.autoscaling.enabled`	Enable autoscaling for notificationController	`false`
`notificationController.autoscaling.minReplicas`	Minimum number of notificationController replicas	`""`
`notificationController.autoscaling.maxReplicas`	Maximum number of notificationController replicas	`""`
`notificationController.autoscaling.targetCPU`	Target CPU utilization percentage	`""`
`notificationController.autoscaling.targetMemory`	Target Memory utilization percentage	`""`
`notificationController.nodeAffinityPreset.type`	Node affinity preset type. Ignored if `notificationController.affinity` is set. Allowed values: `soft` or `hard`	`""`
`notificationController.nodeAffinityPreset.key`	Node label key to match. Ignored if `notificationController.affinity` is set	`""`
`notificationController.nodeAffinityPreset.values`	Node label values to match. Ignored if `notificationController.affinity` is set	`[]`
`notificationController.affinity`	Affinity for Notification Controller pods assignment	`{}`
`notificationController.nodeSelector`	Node labels for Notification Controller pods assignment	`{}`
`notificationController.tolerations`	Tolerations for Notification Controller pods assignment	`[]`
`notificationController.updateStrategy.type`	Notification Controller statefulset strategy type	`RollingUpdate`
`notificationController.priorityClassName`	Notification Controller pods’ priorityClassName	`""`
`notificationController.topologySpreadConstraints`	Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template	`[]`
`notificationController.schedulerName`	Name of the k8s scheduler (other than default) for Notification Controller pods	`""`
`notificationController.terminationGracePeriodSeconds`	Seconds Redmine pod needs to terminate gracefully	`""`
`notificationController.lifecycleHooks`	for the Notification Controller container(s) to automate configuration before or after startup	`{}`
`notificationController.extraEnvVars`	Array with extra environment variables to add to Notification Controller nodes	`[]`
`notificationController.extraEnvVarsCM`	Name of existing ConfigMap containing extra env vars for Notification Controller nodes	`""`
`notificationController.extraEnvVarsSecret`	Name of existing Secret containing extra env vars for Notification Controller nodes	`""`
`notificationController.extraVolumes`	Optionally specify extra list of additional volumes for the Notification Controller pod(s)	`[]`
`notificationController.extraVolumeMounts`	Optionally specify extra list of additional volumeMounts for the Notification Controller container(s)	`[]`
`notificationController.sidecars`	Add additional sidecar containers to the Notification Controller pod(s)	`[]`
`notificationController.initContainers`	Add additional init containers to the Notification Controller pod(s)	`[]`

Notification Controller Traffic Exposure Parameters

Name	Description	Value
`notificationController.service.receiver.type`	Notification Controller service type	`ClusterIP`
`notificationController.service.receiver.ports.http`	Notification Controller service receiver port	`80`
`notificationController.service.receiver.nodePorts.http`	Node port for HTTP	`""`
`notificationController.service.receiver.clusterIP`	Notification Controller service Cluster IP	`""`
`notificationController.service.receiver.loadBalancerIP`	Notification Controller service Load Balancer IP	`""`
`notificationController.service.receiver.loadBalancerSourceRanges`	Notification Controller service Load Balancer sources	`[]`
`notificationController.service.receiver.externalTrafficPolicy`	Notification Controller service external traffic policy	`Cluster`
`notificationController.service.receiver.annotations`	Additional custom annotations for Notification Controller service	`{}`
`notificationController.service.receiver.extraPorts`	Extra ports to expose in Notification Controller service (normally used with the `sidecars` value)	`[]`
`notificationController.service.receiver.sessionAffinity`	Control where client requests go, to the same pod or round-robin	`None`
`notificationController.service.receiver.sessionAffinityConfig`	Additional settings for the sessionAffinity	`{}`
`notificationController.service.webhook.type`	Notification Controller service type	`ClusterIP`
`notificationController.service.webhook.ports.http`	Notification Controller service webhook port	`80`
`notificationController.service.webhook.nodePorts.http`	Node port for HTTP	`""`
`notificationController.service.webhook.clusterIP`	Notification Controller service Cluster IP	`""`
`notificationController.service.webhook.loadBalancerIP`	Notification Controller service Load Balancer IP	`""`
`notificationController.service.webhook.loadBalancerSourceRanges`	Notification Controller service Load Balancer sources	`[]`
`notificationController.service.webhook.externalTrafficPolicy`	Notification Controller service external traffic policy	`Cluster`
`notificationController.service.webhook.annotations`	Additional custom annotations for Notification Controller service	`{}`
`notificationController.service.webhook.extraPorts`	Extra ports to expose in Notification Controller service (normally used with the `sidecars` value)	`[]`
`notificationController.service.webhook.sessionAffinity`	Control where client requests go, to the same pod or round-robin	`None`
`notificationController.service.webhook.sessionAffinityConfig`	Additional settings for the sessionAffinity	`{}`

Notification Controller RBAC Parameters

Name	Description	Value
`notificationController.rbac.create`	Specifies whether RBAC resources should be created	`true`
`notificationController.rbac.rules`	Custom RBAC rules to set	`[]`
`notificationController.serviceAccount.create`	Specifies whether a ServiceAccount should be created	`true`
`notificationController.serviceAccount.name`	The name of the ServiceAccount to use.	`""`
`notificationController.serviceAccount.annotations`	Additional Service Account annotations (evaluated as a template)	`{}`
`notificationController.serviceAccount.automountServiceAccountToken`	Automount service account token for the server service account	`false`

Notification Controller Metrics Parameters

Name	Description	Value
`notificationController.metrics.enabled`	Enable the export of Prometheus metrics	`true`
`notificationController.metrics.service.type`	Notification Controller service type	`ClusterIP`
`notificationController.metrics.service.ports.metrics`	Notification Controller service metrics port	`80`
`notificationController.metrics.service.nodePorts.metrics`	Node port for HTTP	`""`
`notificationController.metrics.service.clusterIP`	Notification Controller service Cluster IP	`""`
`notificationController.metrics.service.loadBalancerIP`	Notification Controller service Load Balancer IP	`""`
`notificationController.metrics.service.loadBalancerSourceRanges`	Notification Controller service Load Balancer sources	`[]`
`notificationController.metrics.service.externalTrafficPolicy`	Notification Controller service external traffic policy	`Cluster`
`notificationController.metrics.service.annotations`	Additional custom annotations for Notification Controller service	`{}`
`notificationController.metrics.service.extraPorts`	Extra ports to expose in Notification Controller service (normally used with the `sidecars` value)	`[]`
`notificationController.metrics.service.sessionAffinity`	Control where client requests go, to the same pod or round-robin	`None`
`notificationController.metrics.service.sessionAffinityConfig`	Additional settings for the sessionAffinity	`{}`
`notificationController.metrics.serviceMonitor.enabled`	if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)	`false`
`notificationController.metrics.serviceMonitor.namespace`	Namespace in which Prometheus is running	`""`
`notificationController.metrics.serviceMonitor.annotations`	Additional custom annotations for the ServiceMonitor	`{}`
`notificationController.metrics.serviceMonitor.labels`	Extra labels for the ServiceMonitor	`{}`
`notificationController.metrics.serviceMonitor.jobLabel`	The name of the label on the target service to use as the job name in Prometheus	`""`
`notificationController.metrics.serviceMonitor.honorLabels`	honorLabels chooses the metric’s labels on collisions with target labels	`false`
`notificationController.metrics.serviceMonitor.interval`	Interval at which metrics should be scraped.	`""`
`notificationController.metrics.serviceMonitor.scrapeTimeout`	Timeout after which the scrape is ended	`""`
`notificationController.metrics.serviceMonitor.metricRelabelings`	Specify additional relabeling of metrics	`[]`
`notificationController.metrics.serviceMonitor.relabelings`	Specify general relabeling	`[]`
`notificationController.metrics.serviceMonitor.selector`	Prometheus instance selector labels	`{}`

Image Automation Controller Parameters

Name	Description	Value
`imageAutomationController.enabled`	Enable Image Automation Controller	`true`
`imageAutomationController.installCRDs`	Flag to install Image Automation Controller CRDs	`true`
`imageAutomationController.watchAllNamespaces`	Watch for custom resources in all namespaces	`true`
`imageAutomationController.image.registry`	Image Automation Controller image registry	`REGISTRY_NAME`
`imageAutomationController.image.repository`	Image Automation Controller image repository	`REPOSITORY_NAME/fluxcd-image-automation-controller`
`imageAutomationController.image.digest`	Image Automation Controller image digest in the way sha256:aa…. Please note this parameter, if set, will override the tag image tag (immutable tags are recommended)	`""`
`imageAutomationController.image.pullPolicy`	Image Automation Controller image pull policy	`IfNotPresent`
`imageAutomationController.image.pullSecrets`	Image Automation Controller image pull secrets	`[]`
`imageAutomationController.image.debug`	Enable Image Automation Controller image debug mode	`false`
`imageAutomationController.replicaCount`	Number of Image Automation Controller replicas to deploy	`1`
`imageAutomationController.containerPorts.metrics`	Image Automation Controller metrics container port	`8080`
`imageAutomationController.containerPorts.health`	Image Automation Controller health container port	`9440`
`imageAutomationController.networkPolicy.enabled`	Specifies whether a NetworkPolicy should be created	`true`
`imageAutomationController.networkPolicy.allowExternal`	Don’t require server label for connections	`true`
`imageAutomationController.networkPolicy.allowExternalEgress`	Allow the pod to access any range of port and all destinations.	`true`
`imageAutomationController.networkPolicy.kubeAPIServerPorts`	List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security)	`[]`
`imageAutomationController.networkPolicy.extraIngress`	Add extra ingress rules to the NetworkPolicy	`[]`
`imageAutomationController.networkPolicy.extraEgress`	Add extra ingress rules to the NetworkPolicy	`[]`
`imageAutomationController.networkPolicy.ingressNSMatchLabels`	Labels to match to allow traffic from other namespaces	`{}`
`imageAutomationController.networkPolicy.ingressNSPodMatchLabels`	Pod labels to match to allow traffic from other namespaces	`{}`
`imageAutomationController.livenessProbe.enabled`	Enable livenessProbe on Image Automation Controller containers	`true`
`imageAutomationController.livenessProbe.initialDelaySeconds`	Initial delay seconds for livenessProbe	`5`
`imageAutomationController.livenessProbe.periodSeconds`	Period seconds for livenessProbe	`10`
`imageAutomationController.livenessProbe.timeoutSeconds`	Timeout seconds for livenessProbe	`5`
`imageAutomationController.livenessProbe.failureThreshold`	Failure threshold for livenessProbe	`5`
`imageAutomationController.livenessProbe.successThreshold`	Success threshold for livenessProbe	`1`
`imageAutomationController.readinessProbe.enabled`	Enable readinessProbe on Image Automation Controller containers	`true`
`imageAutomationController.readinessProbe.initialDelaySeconds`	Initial delay seconds for readinessProbe	`5`
`imageAutomationController.readinessProbe.periodSeconds`	Period seconds for readinessProbe	`10`
`imageAutomationController.readinessProbe.timeoutSeconds`	Timeout seconds for readinessProbe	`5`
`imageAutomationController.readinessProbe.failureThreshold`	Failure threshold for readinessProbe	`5`
`imageAutomationController.readinessProbe.successThreshold`	Success threshold for readinessProbe	`1`
`imageAutomationController.startupProbe.enabled`	Enable startupProbe on Image Automation Controller containers	`false`
`imageAutomationController.startupProbe.initialDelaySeconds`	Initial delay seconds for startupProbe	`5`
`imageAutomationController.startupProbe.periodSeconds`	Period seconds for startupProbe	`10`
`imageAutomationController.startupProbe.timeoutSeconds`	Timeout seconds for startupProbe	`5`
`imageAutomationController.startupProbe.failureThreshold`	Failure threshold for startupProbe	`5`
`imageAutomationController.startupProbe.successThreshold`	Success threshold for startupProbe	`1`
`imageAutomationController.customLivenessProbe`	Custom livenessProbe that overrides the default one	`{}`
`imageAutomationController.customReadinessProbe`	Custom readinessProbe that overrides the default one	`{}`
`imageAutomationController.customStartupProbe`	Custom startupProbe that overrides the default one	`{}`
`imageAutomationController.resourcesPreset`	Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if imageAutomationController.resources is set (imageAutomationController.resources is recommended for production).	`nano`
`imageAutomationController.resources`	Set container requests and limits for different resources like CPU or memory (essential for production workloads)	`{}`
`imageAutomationController.podSecurityContext.enabled`	Enabled Image Automation Controller pods’ Security Context	`true`
`imageAutomationController.podSecurityContext.fsGroupChangePolicy`	Set filesystem group change policy	`Always`
`imageAutomationController.podSecurityContext.sysctls`	Set kernel settings using the sysctl interface	`[]`
`imageAutomationController.podSecurityContext.supplementalGroups`	Set filesystem extra groups	`[]`
`imageAutomationController.podSecurityContext.fsGroup`	Set Image Automation Controller pod’s Security Context fsGroup	`1001`
`imageAutomationController.containerSecurityContext.enabled`	Enabled Image Automation Controller containers’ Security Context	`true`
`imageAutomationController.containerSecurityContext.seLinuxOptions`	Set SELinux options in container	`{}`
`imageAutomationController.containerSecurityContext.runAsUser`	Set containers’ Security Context runAsUser	`1001`
`imageAutomationController.containerSecurityContext.runAsGroup`	Set containers’ Security Context runAsGroup	`1001`
`imageAutomationController.containerSecurityContext.runAsNonRoot`	Set Image Automation Controller containers’ Security Context runAsNonRoot	`true`
`imageAutomationController.containerSecurityContext.readOnlyRootFilesystem`	Set Image Automation Controller containers’ Security Context runAsNonRoot	`true`
`imageAutomationController.containerSecurityContext.privileged`	Set Image Automation Controller containers’ Security Context privileged	`false`
`imageAutomationController.containerSecurityContext.allowPrivilegeEscalation`	Set Image Automation Controller container’s privilege escalation	`false`
`imageAutomationController.containerSecurityContext.capabilities.drop`	Set Image Automation Controller container’s Security Context runAsNonRoot	`["ALL"]`
`imageAutomationController.containerSecurityContext.seccompProfile.type`	Set Image Automation Controller container’s Security Context seccomp profile	`RuntimeDefault`
`imageAutomationController.command`	Override default container command (useful when using custom images)	`[]`
`imageAutomationController.args`	Override default container args (useful when using custom images)	`[]`
`imageAutomationController.automountServiceAccountToken`	Mount Service Account token in pod	`true`
`imageAutomationController.hostAliases`	Image Automation Controller pods host aliases	`[]`
`imageAutomationController.podLabels`	Extra labels for Image Automation Controller pods	`{}`
`imageAutomationController.podAnnotations`	Annotations for Image Automation Controller pods	`{}`
`imageAutomationController.podAffinityPreset`	Pod affinity preset. Ignored if `imageAutomationController.affinity` is set. Allowed values: `soft` or `hard`	`""`
`imageAutomationController.podAntiAffinityPreset`	Pod anti-affinity preset. Ignored if `imageAutomationController.affinity` is set. Allowed values: `soft` or `hard`	`soft`
`imageAutomationController.pdb.create`	Enable/disable a Pod Disruption Budget creation	`true`
`imageAutomationController.pdb.minAvailable`	Minimum number/percentage of pods that should remain scheduled	`""`
`imageAutomationController.pdb.maxUnavailable`	Maximum number/percentage of pods that may be made unavailable	`""`
`imageAutomationController.autoscaling.enabled`	Enable autoscaling for imageAutomationController	`false`
`imageAutomationController.autoscaling.minReplicas`	Minimum number of imageAutomationController replicas	`""`
`imageAutomationController.autoscaling.maxReplicas`	Maximum number of imageAutomationController replicas	`""`
`imageAutomationController.autoscaling.targetCPU`	Target CPU utilization percentage	`""`
`imageAutomationController.autoscaling.targetMemory`	Target Memory utilization percentage	`""`
`imageAutomationController.nodeAffinityPreset.type`	Node affinity preset type. Ignored if `imageAutomationController.affinity` is set. Allowed values: `soft` or `hard`	`""`
`imageAutomationController.nodeAffinityPreset.key`	Node label key to match. Ignored if `imageAutomationController.affinity` is set	`""`
`imageAutomationController.nodeAffinityPreset.values`	Node label values to match. Ignored if `imageAutomationController.affinity` is set	`[]`
`imageAutomationController.affinity`	Affinity for Image Automation Controller pods assignment	`{}`
`imageAutomationController.nodeSelector`	Node labels for Image Automation Controller pods assignment	`{}`
`imageAutomationController.tolerations`	Tolerations for Image Automation Controller pods assignment	`[]`
`imageAutomationController.updateStrategy.type`	Image Automation Controller statefulset strategy type	`RollingUpdate`
`imageAutomationController.priorityClassName`	Image Automation Controller pods’ priorityClassName	`""`
`imageAutomationController.topologySpreadConstraints`	Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template	`[]`
`imageAutomationController.schedulerName`	Name of the k8s scheduler (other than default) for Image Automation Controller pods	`""`
`imageAutomationController.terminationGracePeriodSeconds`	Seconds Redmine pod needs to terminate gracefully	`""`
`imageAutomationController.lifecycleHooks`	for the Image Automation Controller container(s) to automate configuration before or after startup	`{}`
`imageAutomationController.extraEnvVars`	Array with extra environment variables to add to Image Automation Controller nodes	`[]`
`imageAutomationController.extraEnvVarsCM`	Name of existing ConfigMap containing extra env vars for Image Automation Controller nodes	`""`
`imageAutomationController.extraEnvVarsSecret`	Name of existing Secret containing extra env vars for Image Automation Controller nodes	`""`
`imageAutomationController.extraVolumes`	Optionally specify extra list of additional volumes for the Image Automation Controller pod(s)	`[]`
`imageAutomationController.extraVolumeMounts`	Optionally specify extra list of additional volumeMounts for the Image Automation Controller container(s)	`[]`
`imageAutomationController.sidecars`	Add additional sidecar containers to the Image Automation Controller pod(s)	`[]`
`imageAutomationController.initContainers`	Add additional init containers to the Image Automation Controller pod(s)	`[]`

Image Automation Controller RBAC Parameters

Name	Description	Value
`imageAutomationController.rbac.create`	Specifies whether RBAC resources should be created	`true`
`imageAutomationController.rbac.rules`	Custom RBAC rules to set	`[]`
`imageAutomationController.serviceAccount.create`	Specifies whether a ServiceAccount should be created	`true`
`imageAutomationController.serviceAccount.name`	The name of the ServiceAccount to use.	`""`
`imageAutomationController.serviceAccount.annotations`	Additional Service Account annotations (evaluated as a template)	`{}`
`imageAutomationController.serviceAccount.automountServiceAccountToken`	Automount service account token for the server service account	`false`

Image Automation Controller Metrics Parameters

Name	Description	Value
`imageAutomationController.metrics.enabled`	Enable the export of Prometheus metrics	`true`
`imageAutomationController.metrics.service.type`	Image Automation Controller service type	`ClusterIP`
`imageAutomationController.metrics.service.ports.metrics`	Image Automation Controller service metrics port	`80`
`imageAutomationController.metrics.service.nodePorts.metrics`	Node port for HTTP	`""`
`imageAutomationController.metrics.service.clusterIP`	Image Automation Controller service Cluster IP	`""`
`imageAutomationController.metrics.service.loadBalancerIP`	Image Automation Controller service Load Balancer IP	`""`
`imageAutomationController.metrics.service.loadBalancerSourceRanges`	Image Automation Controller service Load Balancer sources	`[]`
`imageAutomationController.metrics.service.externalTrafficPolicy`	Image Automation Controller service external traffic policy	`Cluster`
`imageAutomationController.metrics.service.annotations`	Additional custom annotations for Image Automation Controller service	`{}`
`imageAutomationController.metrics.service.extraPorts`	Extra ports to expose in Image Automation Controller service (normally used with the `sidecars` value)	`[]`
`imageAutomationController.metrics.service.sessionAffinity`	Control where client requests go, to the same pod or round-robin	`None`
`imageAutomationController.metrics.service.sessionAffinityConfig`	Additional settings for the sessionAffinity	`{}`
`imageAutomationController.metrics.serviceMonitor.enabled`	if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)	`false`
`imageAutomationController.metrics.serviceMonitor.namespace`	Namespace in which Prometheus is running	`""`
`imageAutomationController.metrics.serviceMonitor.annotations`	Additional custom annotations for the ServiceMonitor	`{}`
`imageAutomationController.metrics.serviceMonitor.labels`	Extra labels for the ServiceMonitor	`{}`
`imageAutomationController.metrics.serviceMonitor.jobLabel`	The name of the label on the target service to use as the job name in Prometheus	`""`
`imageAutomationController.metrics.serviceMonitor.honorLabels`	honorLabels chooses the metric’s labels on collisions with target labels	`false`
`imageAutomationController.metrics.serviceMonitor.interval`	Interval at which metrics should be scraped.	`""`
`imageAutomationController.metrics.serviceMonitor.scrapeTimeout`	Timeout after which the scrape is ended	`""`
`imageAutomationController.metrics.serviceMonitor.metricRelabelings`	Specify additional relabeling of metrics	`[]`
`imageAutomationController.metrics.serviceMonitor.relabelings`	Specify general relabeling	`[]`
`imageAutomationController.metrics.serviceMonitor.selector`	Prometheus instance selector labels	`{}`

Image Reflector Controller Parameters

Name	Description	Value
`imageReflectorController.enabled`	Enable Image Reflector Controller	`true`
`imageReflectorController.installCRDs`	Flag to install Image Reflector Controller CRDs	`true`
`imageReflectorController.watchAllNamespaces`	Watch for custom resources in all namespaces	`true`
`imageReflectorController.image.registry`	Image Reflector Controller image registry	`REGISTRY_NAME`
`imageReflectorController.image.repository`	Image Reflector Controller image repository	`REPOSITORY_NAME/fluxcd-image-reflector-controller`
`imageReflectorController.image.digest`	Image Reflector Controller image digest in the way sha256:aa…. Please note this parameter, if set, will override the tag image tag (immutable tags are recommended)	`""`
`imageReflectorController.image.pullPolicy`	Image Reflector Controller image pull policy	`IfNotPresent`
`imageReflectorController.image.pullSecrets`	Image Reflector Controller image pull secrets	`[]`
`imageReflectorController.image.debug`	Enable Image Reflector Controller image debug mode	`false`
`imageReflectorController.replicaCount`	Number of Image Reflector Controller replicas to deploy	`1`
`imageReflectorController.containerPorts.metrics`	Image Reflector Controller metrics container port	`8080`
`imageReflectorController.containerPorts.health`	Image Reflector Controller health container port	`9440`
`imageReflectorController.networkPolicy.enabled`	Specifies whether a NetworkPolicy should be created	`true`
`imageReflectorController.networkPolicy.allowExternal`	Don’t require server label for connections	`true`
`imageReflectorController.networkPolicy.allowExternalEgress`	Allow the pod to access any range of port and all destinations.	`true`
`imageReflectorController.networkPolicy.kubeAPIServerPorts`	List of possible endpoints to kube-apiserver (limit to your cluster settings to increase security)	`[]`
`imageReflectorController.networkPolicy.extraIngress`	Add extra ingress rules to the NetworkPolicy	`[]`
`imageReflectorController.networkPolicy.extraEgress`	Add extra ingress rules to the NetworkPolicy	`[]`
`imageReflectorController.networkPolicy.ingressNSMatchLabels`	Labels to match to allow traffic from other namespaces	`{}`
`imageReflectorController.networkPolicy.ingressNSPodMatchLabels`	Pod labels to match to allow traffic from other namespaces	`{}`
`imageReflectorController.livenessProbe.enabled`	Enable livenessProbe on Image Reflector Controller containers	`true`
`imageReflectorController.livenessProbe.initialDelaySeconds`	Initial delay seconds for livenessProbe	`5`
`imageReflectorController.livenessProbe.periodSeconds`	Period seconds for livenessProbe	`10`
`imageReflectorController.livenessProbe.timeoutSeconds`	Timeout seconds for livenessProbe	`5`
`imageReflectorController.livenessProbe.failureThreshold`	Failure threshold for livenessProbe	`5`
`imageReflectorController.livenessProbe.successThreshold`	Success threshold for livenessProbe	`1`
`imageReflectorController.readinessProbe.enabled`	Enable readinessProbe on Image Reflector Controller containers	`true`
`imageReflectorController.readinessProbe.initialDelaySeconds`	Initial delay seconds for readinessProbe	`5`
`imageReflectorController.readinessProbe.periodSeconds`	Period seconds for readinessProbe	`10`
`imageReflectorController.readinessProbe.timeoutSeconds`	Timeout seconds for readinessProbe	`5`
`imageReflectorController.readinessProbe.failureThreshold`	Failure threshold for readinessProbe	`5`
`imageReflectorController.readinessProbe.successThreshold`	Success threshold for readinessProbe	`1`
`imageReflectorController.startupProbe.enabled`	Enable startupProbe on Image Reflector Controller containers	`false`
`imageReflectorController.startupProbe.initialDelaySeconds`	Initial delay seconds for startupProbe	`5`
`imageReflectorController.startupProbe.periodSeconds`	Period seconds for startupProbe	`10`
`imageReflectorController.startupProbe.timeoutSeconds`	Timeout seconds for startupProbe	`5`
`imageReflectorController.startupProbe.failureThreshold`	Failure threshold for startupProbe	`5`
`imageReflectorController.startupProbe.successThreshold`	Success threshold for startupProbe	`1`
`imageReflectorController.customLivenessProbe`	Custom livenessProbe that overrides the default one	`{}`
`imageReflectorController.customReadinessProbe`	Custom readinessProbe that overrides the default one	`{}`
`imageReflectorController.customStartupProbe`	Custom startupProbe that overrides the default one	`{}`
`imageReflectorController.resourcesPreset`	Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if imageReflectorController.resources is set (imageReflectorController.resources is recommended for production).	`nano`
`imageReflectorController.resources`	Set container requests and limits for different resources like CPU or memory (essential for production workloads)	`{}`
`imageReflectorController.podSecurityContext.enabled`	Enabled Image Reflector Controller pods’ Security Context	`true`
`imageReflectorController.podSecurityContext.fsGroupChangePolicy`	Set filesystem group change policy	`Always`
`imageReflectorController.podSecurityContext.sysctls`	Set kernel settings using the sysctl interface	`[]`
`imageReflectorController.podSecurityContext.supplementalGroups`	Set filesystem extra groups	`[]`
`imageReflectorController.podSecurityContext.fsGroup`	Set Image Reflector Controller pod’s Security Context fsGroup	`1001`
`imageReflectorController.containerSecurityContext.enabled`	Enabled Image Reflector Controller containers’ Security Context	`true`
`imageReflectorController.containerSecurityContext.seLinuxOptions`	Set SELinux options in container	`{}`
`imageReflectorController.containerSecurityContext.runAsUser`	Set containers’ Security Context runAsUser	`1001`
`imageReflectorController.containerSecurityContext.runAsGroup`	Set containers’ Security Context runAsGroup	`1001`
`imageReflectorController.containerSecurityContext.runAsNonRoot`	Set Image Reflector Controller containers’ Security Context runAsNonRoot	`true`
`imageReflectorController.containerSecurityContext.privileged`	Set Image Reflector Controller containers’ Security Context privileged	`false`
`imageReflectorController.containerSecurityContext.readOnlyRootFilesystem`	Set Image Reflector Controller containers’ Security Context runAsNonRoot	`true`
`imageReflectorController.containerSecurityContext.allowPrivilegeEscalation`	Set Image Reflector Controller container’s privilege escalation	`false`
`imageReflectorController.containerSecurityContext.capabilities.drop`	Set Image Reflector Controller container’s Security Context runAsNonRoot	`["ALL"]`
`imageReflectorController.containerSecurityContext.seccompProfile.type`	Set Image Reflector Controller container’s Security Context seccomp profile	`RuntimeDefault`
`imageReflectorController.command`	Override default container command (useful when using custom images)	`[]`
`imageReflectorController.args`	Override default container args (useful when using custom images)	`[]`
`imageReflectorController.automountServiceAccountToken`	Mount Service Account token in pod	`true`
`imageReflectorController.hostAliases`	Image Reflector Controller pods host aliases	`[]`
`imageReflectorController.podLabels`	Extra labels for Image Reflector Controller pods	`{}`
`imageReflectorController.podAnnotations`	Annotations for Image Reflector Controller pods	`{}`
`imageReflectorController.podAffinityPreset`	Pod affinity preset. Ignored if `imageReflectorController.affinity` is set. Allowed values: `soft` or `hard`	`""`
`imageReflectorController.podAntiAffinityPreset`	Pod anti-affinity preset. Ignored if `imageReflectorController.affinity` is set. Allowed values: `soft` or `hard`	`soft`
`imageReflectorController.pdb.create`	Enable/disable a Pod Disruption Budget creation	`true`
`imageReflectorController.pdb.minAvailable`	Minimum number/percentage of pods that should remain scheduled	`""`
`imageReflectorController.pdb.maxUnavailable`	Maximum number/percentage of pods that may be made unavailable	`""`
`imageReflectorController.autoscaling.enabled`	Enable autoscaling for imageReflectorController	`false`
`imageReflectorController.autoscaling.minReplicas`	Minimum number of imageReflectorController replicas	`""`
`imageReflectorController.autoscaling.maxReplicas`	Maximum number of imageReflectorController replicas	`""`
`imageReflectorController.autoscaling.targetCPU`	Target CPU utilization percentage	`""`
`imageReflectorController.autoscaling.targetMemory`	Target Memory utilization percentage	`""`
`imageReflectorController.nodeAffinityPreset.type`	Node affinity preset type. Ignored if `imageReflectorController.affinity` is set. Allowed values: `soft` or `hard`	`""`
`imageReflectorController.nodeAffinityPreset.key`	Node label key to match. Ignored if `imageReflectorController.affinity` is set	`""`
`imageReflectorController.nodeAffinityPreset.values`	Node label values to match. Ignored if `imageReflectorController.affinity` is set	`[]`
`imageReflectorController.affinity`	Affinity for Image Reflector Controller pods assignment	`{}`
`imageReflectorController.nodeSelector`	Node labels for Image Reflector Controller pods assignment	`{}`
`imageReflectorController.tolerations`	Tolerations for Image Reflector Controller pods assignment	`[]`
`imageReflectorController.updateStrategy.type`	Image Reflector Controller statefulset strategy type	`RollingUpdate`
`imageReflectorController.priorityClassName`	Image Reflector Controller pods’ priorityClassName	`""`
`imageReflectorController.topologySpreadConstraints`	Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template	`[]`
`imageReflectorController.schedulerName`	Name of the k8s scheduler (other than default) for Image Reflector Controller pods	`""`
`imageReflectorController.terminationGracePeriodSeconds`	Seconds Redmine pod needs to terminate gracefully	`""`
`imageReflectorController.lifecycleHooks`	for the Image Reflector Controller container(s) to automate configuration before or after startup	`{}`
`imageReflectorController.extraEnvVars`	Array with extra environment variables to add to Image Reflector Controller nodes	`[]`
`imageReflectorController.extraEnvVarsCM`	Name of existing ConfigMap containing extra env vars for Image Reflector Controller nodes	`""`
`imageReflectorController.extraEnvVarsSecret`	Name of existing Secret containing extra env vars for Image Reflector Controller nodes	`""`
`imageReflectorController.extraVolumes`	Optionally specify extra list of additional volumes for the Image Reflector Controller pod(s)	`[]`
`imageReflectorController.extraVolumeMounts`	Optionally specify extra list of additional volumeMounts for the Image Reflector Controller container(s)	`[]`
`imageReflectorController.sidecars`	Add additional sidecar containers to the Image Reflector Controller pod(s)	`[]`
`imageReflectorController.initContainers`	Add additional init containers to the Image Reflector Controller pod(s)	`[]`

Image Reflector Conttroller Persistence Parameters

Name	Description	Value
`imageReflectorController.persistence.enabled`	Enable persistence using Persistent Volume Claims	`false`
`imageReflectorController.persistence.resourcePolicy`	Setting it to “keep” to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted	`""`
`imageReflectorController.persistence.mountPath`	Persistent Volume mount root path	`/bitnami/fluxcd-image-reflector-controller/data`
`imageReflectorController.persistence.storageClass`	Persistent Volume storage class	`""`
`imageReflectorController.persistence.accessModes`	Persistent Volume access modes	`[]`
`imageReflectorController.persistence.size`	Persistent Volume size	`10Gi`
`imageReflectorController.persistence.dataSource`	Custom PVC data source	`{}`
`imageReflectorController.persistence.annotations`	Annotations for the PVC	`{}`
`imageReflectorController.persistence.selector`	Selector to match an existing Persistent Volume (this value is evaluated as a template)	`{}`
`imageReflectorController.persistence.existingClaim`	The name of an existing PVC to use for persistence	`""`

Image Reflector Controller RBAC Parameters

Name	Description	Value
`imageReflectorController.rbac.create`	Specifies whether RBAC resources should be created	`true`
`imageReflectorController.rbac.rules`	Custom RBAC rules to set	`[]`
`imageReflectorController.serviceAccount.create`	Specifies whether a ServiceAccount should be created	`true`
`imageReflectorController.serviceAccount.name`	The name of the ServiceAccount to use.	`""`
`imageReflectorController.serviceAccount.annotations`	Additional Service Account annotations (evaluated as a template)	`{}`
`imageReflectorController.serviceAccount.automountServiceAccountToken`	Automount service account token for the server service account	`false`

Image Reflector Controller Metrics Parameters

Name	Description	Value
`imageReflectorController.metrics.enabled`	Enable the export of Prometheus metrics	`true`
`imageReflectorController.metrics.service.type`	Image Reflector Controller service type	`ClusterIP`
`imageReflectorController.metrics.service.ports.metrics`	Image Reflector Controller service metrics port	`80`
`imageReflectorController.metrics.service.nodePorts.metrics`	Node port for HTTP	`""`
`imageReflectorController.metrics.service.clusterIP`	Image Reflector Controller service Cluster IP	`""`
`imageReflectorController.metrics.service.loadBalancerIP`	Image Reflector Controller service Load Balancer IP	`""`
`imageReflectorController.metrics.service.loadBalancerSourceRanges`	Image Reflector Controller service Load Balancer sources	`[]`
`imageReflectorController.metrics.service.externalTrafficPolicy`	Image Reflector Controller service external traffic policy	`Cluster`
`imageReflectorController.metrics.service.annotations`	Additional custom annotations for Image Reflector Controller service	`{}`
`imageReflectorController.metrics.service.extraPorts`	Extra ports to expose in Image Reflector Controller service (normally used with the `sidecars` value)	`[]`
`imageReflectorController.metrics.service.sessionAffinity`	Control where client requests go, to the same pod or round-robin	`None`
`imageReflectorController.metrics.service.sessionAffinityConfig`	Additional settings for the sessionAffinity	`{}`
`imageReflectorController.metrics.serviceMonitor.enabled`	if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)	`false`
`imageReflectorController.metrics.serviceMonitor.namespace`	Namespace in which Prometheus is running	`""`
`imageReflectorController.metrics.serviceMonitor.annotations`	Additional custom annotations for the ServiceMonitor	`{}`
`imageReflectorController.metrics.serviceMonitor.labels`	Extra labels for the ServiceMonitor	`{}`
`imageReflectorController.metrics.serviceMonitor.jobLabel`	The name of the label on the target service to use as the job name in Prometheus	`""`
`imageReflectorController.metrics.serviceMonitor.honorLabels`	honorLabels chooses the metric’s labels on collisions with target labels	`false`
`imageReflectorController.metrics.serviceMonitor.interval`	Interval at which metrics should be scraped.	`""`
`imageReflectorController.metrics.serviceMonitor.scrapeTimeout`	Timeout after which the scrape is ended	`""`
`imageReflectorController.metrics.serviceMonitor.metricRelabelings`	Specify additional relabeling of metrics	`[]`
`imageReflectorController.metrics.serviceMonitor.relabelings`	Specify general relabeling	`[]`
`imageReflectorController.metrics.serviceMonitor.selector`	Prometheus instance selector labels	`{}`
`volumePermissions.enabled`	Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup`	`false`
`volumePermissions.image.registry`	OS Shell + Utility image registry	`REGISTRY_NAME`
`volumePermissions.image.repository`	OS Shell + Utility image repository	`REPOSITORY_NAME/os-shell`
`volumePermissions.image.digest`	OS Shell + Utility image digest in the way sha256:aa…. Please note this parameter, if set, will override the tag	`""`
`volumePermissions.image.pullPolicy`	OS Shell + Utility image pull policy	`IfNotPresent`
`volumePermissions.image.pullSecrets`	OS Shell + Utility image pull secrets	`[]`
`volumePermissions.resourcesPreset`	Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production).	`nano`
`volumePermissions.resources`	Set container requests and limits for different resources like CPU or memory (essential for production workloads)	`{}`
`volumePermissions.containerSecurityContext.enabled`	Enable init container’s Security Context	`true`
`volumePermissions.containerSecurityContext.seLinuxOptions`	Set SELinux options in container	`{}`
`volumePermissions.containerSecurityContext.runAsUser`	Set init container’s Security Context runAsUser	`0`

There are cases where you may want to deploy extra objects, such as HelmRelease, Kustomization, amongst others. For covering this case, the chart allows adding the full specification of other objects using the extraDeploy parameter. The following example would activate a plugin at deployment time.

## Extra objects to deploy (value evaluated as a template)
##
extraDeploy:
  - |
    apiVersion: helm.toolkit.fluxcd.io/v2beta1
    kind: HelmRelease
    metadata:
      name: podinfo
    spec:
      chart:
        spec:
          version: ">=1.0.0-alpha"
      test:
        enable: true
      values:
        ingress:
          hosts:
            - host: podinfo.staging

Troubleshooting

Find more information about how to deal with common errors related to Bitnami’s Helm charts in this troubleshooting guide.

Upgrading

To 2.0.0

This major bump changes the following security defaults:

resourcesPreset is changed from none to the minimum size working in our test suites (NOTE: resourcesPreset is not meant for production usage, but resources adapted to your use case).
global.compatibility.openshift.adaptSecurityContext is changed from disabled to auto.

This could potentially break any customization or init scripts used in your deployment. If this is the case, change the default values to the previous ones.

License

Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.