diff --git a/CVEs/v1.34.0/furyctl.yaml b/CVEs/v1.34.0/furyctl.yaml new file mode 100644 index 0000000..78bf1b5 --- /dev/null +++ b/CVEs/v1.34.0/furyctl.yaml @@ -0,0 +1,131 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/sighupio/distribution/v1.33.0/schemas/public/kfddistribution-kfd-v1alpha2.json +# Copyright (c) 2017-present SIGHUP s.r.l All rights reserved. +# Use of this source code is governed by a BSD-style +# license that can be found in the LICENSE file. + + +# This is a sample configuration file to be used as a starting point. For the +# complete reference of the configuration file schema, please refer to the +# official documentation: +# https://docs.kubernetesfury.com/docs/installation/kfd-configuration/providers/KFDDistribution + +--- +apiVersion: kfd.sighup.io/v1alpha2 +kind: KFDDistribution +metadata: + # The name of the cluster, will be also used as a prefix for all the other resources created + name: sighup +spec: + # This value defines which KFD version will be installed and in consequence the Kubernetes version to use to create the cluster, + # it supports git tags and branches + distributionVersion: feat/release-v1.34.0 + # This section describes how the KFD distribution will be installed + distribution: + # This common configuration will be applied to all the packages that will be installed in the cluster + kubeconfig: path/to/kubeconfig + # common: + # # The node selector to use to place the pods for all the KFD packages + # nodeSelector: + # node.kubernetes.io/role: infra + # # The tolerations that will be added to the pods for all the KFD packages + # tolerations: + # - effect: NoSchedule + # key: node.kubernetes.io/role + # value: infra + # This section contains all the configurations for all the KFD core modules + modules: + networking: + # this type defines if we need to install the networking in the cluster, type available: none, cilium, calico + type: none + # This section contains all the configurations for the ingress module + ingress: + # the base domain used for all the KFD ingresses, if in the nginx dual configuration, it should be the same as the .spec.distribution.modules.ingress.dns.private.name zone + baseDomain: internal.example.dev + # configurations for the nginx ingress controller package + nginx: + # type defines if the nginx should be configured as single or dual (internal + external) or none, with none no ingress controller will be deployed and also no ingress resource will be created + type: dual + # the tls section defines how the tls for the ingresses should be managed + tls: + # provider can be certManager, secret + provider: certManager + # if provider is set as secret, this key will be used to create the certificate in the cluster + # secret: + # the certificate file content or you can use the file notation to get the content from a file + # cert: "{file://relative/path/to/ssl.crt}" + # the key file, a file notation can be used to get the content from a file + # key: "{file://relative/path/to/ssl.key}" + # the ca file, a file notation can be used to get the content from a file + # ca: "{file://relative/path/to/ssl.ca}" + haproxy: + # type defines if the nginx should be configured as single or dual (internal + external) or none, with none no ingress controller will be deployed and also no ingress resource will be created + type: dual + # the tls section defines how the tls for the ingresses should be managed + tls: + # provider can be certManager, secret + provider: certManager + # configuration for the cert-manager package + certManager: + # the configuration for the clusterIssuer that will be created + clusterIssuer: + # the name of the clusterIssuer + name: letsencrypt-fury + # the email used during issuing procedures + email: example@sighup.io + # you can configure the clusterIssuer by specifing type (can be only http01) or custom solvers + type: http01 + # the custom solvers configurations + # solvers: + # - http01: + # ingress: + # class: nginx + # This section contains all the configurations for the logging module + logging: + # can be opensearch, loki, customOutput or none. With none, the logging module won't be installed + type: loki + # configurations for the loki package + # loki: + # retentionTime: "15d" + # configurations for the minio-ha package + minio: + # the PVC size for each minio disk, 6 disks total + storageSize: "20Gi" + # This section contains all the configurations for the monitoring module + monitoring: + # can be prometheus, prometheusAgent, mimir or none. With none, nothing from the monitoring module will be installed + type: "prometheus" + # This section contains all the configurations for the tracing module + tracing: + # can be tempo or none, with none, nothing from the tracing module will be installed + type: tempo + # configurations for the minio-ha package + minio: + # the PVC size for each minio disk, 6 disks total + storageSize: "20Gi" + # This section contains all the configurations for the policy (opa) module + policy: + # type can be gatekeeper, kyverno or none + type: gatekeeper + # configurations for the gatekeeper package + gatekeeper: + # This parameter adds namespaces to Gatekeeper's exemption list, so it will not enforce the constraints on them. + additionalExcludedNamespaces: [] + installDefaultPolicies: true + enforcementAction: deny + # This section contains all the configurations for the Disaster Recovery module + dr: + # type can be none or on-premises + type: on-premises + # Configurations for the velero package + velero: {} + # This section contains all the configurations for the auth module + auth: + provider: + # The authentication type used for the infrastructure ingresses (all the ingress for the distribution) can be none, basicAuth, sso + type: none + # The base domain used for all the auth ingresses, if in the nginx dual configuration, it should be the same as the .spec.distribution.modules.ingress.dns.public.name zone + baseDomain: example.dev + # Custom Patches to add or override fields in the generated manifests + #customPatches: {} + # Plugins to be installed + #plugins: {}