valitydev/botkube
14
0
Fork 0
mirror of https://github.com/valitydev/botkube.git synced 2024-11-06 08:25:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
a4a93288a5
botkube/deploy-all-in-one-tls.yaml
Sumit Lalwani a4a93288a5 Pass communication settings as a k8s secret (#233)
2019-12-22 18:31:49 +05:30

338 lines
7.9 KiB
YAML
Raw Blame History

---
# Configmap
apiVersion: v1
kind: ConfigMap
metadata:
name: botkube-configmap
labels:
app: botkube
data:
config.yaml: |
## Resources you want to watch
resources:
namespaces:
include:
- all
ignore: # List of namespaces to be ignored (omitempty), used only with include: all
- # example : include [all], ignore [x,y,z]
events: # List of lifecycle events you want to receive, e.g create, update, delete, error OR all
- create
- delete
- error
- name: service
namespaces:
include:
- all
ignore:
-
events:
- create
- delete
- error
- name: deployment
namespaces:
include:
- all
ignore:
-
events:
- create
- update
- delete
- error
- name: statefulset
namespaces:
include:
- all
ignore:
-
events:
- create
- update
- delete
- error
- name: ingress
namespaces:
include:
- all
ignore:
-
events:
- create
- delete
- error
- name: node
namespaces:
include:
- all
ignore:
-
events:
- create
- delete
- error
- name: namespace
namespaces:
include:
- all
ignore:
-
events:
- create
- delete
- error
- name: persistentvolume
namespaces:
include:
- all
ignore:
-
events:
- create
- delete
- error
- name: persistentvolumeclaim
namespaces:
include:
- all
ignore:
-
events:
- create
- delete
- error
- name: configmap
namespaces:
include:
- all
ignore:
-
events:
- create
- delete
- error
- name: daemonset
namespaces:
include:
- all
ignore:
-
events:
- create
- delete
- update
- error
- name: job
namespaces:
include:
- all
ignore:
-
events:
- create
- update
- delete
- error
- name: role
namespaces:
include:
- all
ignore:
-
events:
- create
- delete
- error
- name: rolebinding
namespaces:
include:
- all
ignore:
-
events:
- create
- delete
- error
- name: clusterrole
namespaces:
include:
- all
ignore:
-
events:
- create
- delete
- error
- name: clusterrolebinding
namespaces:
include:
- all
ignore:
-
events:
- create
- delete
- error
# Check true if you want to receive recommendations
# about the best practices for the created resource
recommendations: true
# Setting to support multiple clusters
settings:
# Cluster name to differentiate incoming messages
clustername: not-configured
# Set true to enable kubectl commands execution
allowkubectl: false
# Set true to enable config watcher
configwatcher: true
# Set false to disable upgrade notification
upgradeNotifier: true
---
# secret
apiVersion: v1
kind: Secret
metadata:
name: botkube-communication-secret
labels:
app: botkube
type: Opaque
stringData:
comm_config.yaml: |
# Communication settings
communications:
# Settings for Slack
slack:
enabled: false
channel: 'SLACK_CHANNEL'
token: 'SLACK_API_TOKEN'
notiftype: short # Change notification type short/long you want to receive. notiftype is optional and Default notification type is short (if not specified)
# Settings for Mattermost
mattermost:
enabled: false
url: 'MATTERMOST_SERVER_URL' # URL where Mattermost is running. e.g https://example.com:9243
token: 'MATTERMOST_TOKEN' # Personal Access token generated by BotKube user
team: 'MATTERMOST_TEAM' # Mattermost Team to configure with BotKube
channel: 'MATTERMOST_CHANNEL' # Mattermost Channel for receiving BotKube alerts
notiftype: short # Change notification type short/long you want to receive. notiftype is optional and Default notification type is short (if not specified)
# Settings for ELS
elasticsearch:
enable: false
server: 'ELASTICSEARCH_ADDRESS' # e.g https://example.com:9243
username: 'ELASTICSEARCH_USERNAME'
password: 'ELASTICSEARCH_PASSWORD'
# ELS index settings
index:
name: botkube
type: botkube-event
shards: 1
replicas: 0
# Settings for Webhook
webhook:
enabled: false
url: 'WEBHOOK_URL' # e.g https://example.com:80
---
# serviceaccount
apiVersion: v1
kind: ServiceAccount
metadata:
name: botkube-sa
labels:
app: botkube
---
# Source: botkube/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: botkube-clusterrole
labels:
app: botkube
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["get", "watch", "list"]
---
# clusterrolebinding
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: botkube-clusterrolebinding
labels:
app: botkube
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: botkube-clusterrole
subjects:
- kind: ServiceAccount
name: botkube-sa
namespace: botkube
---
# Certificate for Mattermost integration: https://www.botkube.io/installation/mattermost/
apiVersion: v1
kind: Secret
metadata:
name: botkube-certificate-secret
labels:
app: botkube
data:
ca-certificates.crt: ENCODED_CERTIFICATE
---
# deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: botkube
labels:
component: controller
app: botkube
spec:
replicas: 1
selector:
matchLabels:
component: controller
app: botkube
template:
metadata:
labels:
component: controller
app: botkube
spec:
serviceAccountName: botkube-sa
containers:
- name: botkube
image: "infracloudio/botkube:v0.9.1"
imagePullPolicy: Always
volumeMounts:
- name: config-volume
mountPath: "/config"
- name: certs
mountPath: "/etc/ssl/certs"
env:
- name: CONFIG_PATH
value: "/config/"
# set one of the log levels- info, warn, debug, error, fatal, panic
- name: LOG_LEVEL
value: "info"
# set BotKube release version
- name: BOTKUBE_VERSION
value: v0.9.1
volumes:
- name: config-volume
projected:
sources:
- configMap:
name: botkube-configmap
- secret:
name: botkube-communication-secret
- name: certs
secret:
secretName: botkube-certificate-secret
# run as non privilaged user
securityContext:
runAsUser: 101
runAsGroup: 101
Reference in New Issue View Git Blame Copy Permalink