diff --git a/addons/opsportal/1.1.x/opsportal-9.yaml b/addons/opsportal/1.1.x/opsportal-9.yaml new file mode 100644 index 00000000..a012fccf --- /dev/null +++ b/addons/opsportal/1.1.x/opsportal-9.yaml @@ -0,0 +1,49 @@ +--- +apiVersion: kubeaddons.mesosphere.io/v1beta1 +kind: Addon +metadata: + name: opsportal + namespace: kubeaddons + labels: + kubeaddons.mesosphere.io/name: opsportal + annotations: + catalog.kubeaddons.mesosphere.io/addon-revision: "1.1.0-9" + appversion.kubeaddons.mesosphere.io/opsportal: "1.1.0" + endpoint.kubeaddons.mesosphere.io/opsportal: /ops/portal/ + values.chart.helm.kubeaddons.mesosphere.io/opsportal: "https://raw.githubusercontent.com/mesosphere/charts/132c1662f1/stable/opsportal/values.yaml" +spec: + kubernetes: + minSupportedVersion: v1.15.6 + cloudProvider: + - name: aws + enabled: true + - name: azure + enabled: true + - name: gcp + enabled: true + - name: docker + enabled: true + - name: none + enabled: true + chartReference: + chart: opsportal + repo: https://mesosphere.github.io/charts/stable + version: 0.3.19 + values: | + --- + landing: + resources: + requests: + cpu: 100m + memory: 128Mi + opsportalRBAC: + enabled: true + path: /ops/portal + graphqlPath: /ops/portal/graphql + ## traefik-forward-auth 2.0 introduces RBAC support and now requires that users, regardless of whitelist, + ## be allowed access to a resource via explicit RBAC policy. Upon upgrade, whitelisted users would no longer + ## have access to ops portal resources unless an appropriate role binding existed. To prevent breakage, + ## the allowAllAuthenticated option, when true, will result in the group `system:authenticated` being bound to + ## to the opsportal-admin role. This mimics the existing security policy where any authenticated and whitelisted user + ## has full access to the opsportal. This option will be removed in the 0.3 release of this chart. + allowAllAuthenticated: false