replicaCount: 1 image: registry: harbor.avroid.tech/quay-proxy repository: prometheuscommunity/postgres-exporter automountServiceAccountToken: true resources: requests: cpu: 100m memory: 128Mi limits: cpu: 200m memory: 256Mi serviceAccount: # Specifies whether a ServiceAccount should be created create: false # The name of the ServiceAccount to use. # If not set and create is true, a name is generated using the fullname template name: vault # The securityContext of the pod. # See https://kubernetes.io/docs/concepts/policy/security-context/ for more. podSecurityContext: [] # The securityContext of the container. # See https://kubernetes.io/docs/concepts/policy/security-context/ for more. securityContext: [] config: ## The datasource properties on config are passed through helm tpl function. ## ref: https://helm.sh/docs/developing_charts/#using-the-tpl-function datasource: # Specify userFile if DB username is stored in a file. # For example, to use with vault-injector from Hashicorp userSecret: name: postgres-exporter-secret key: username # Only one of password, passwordFile, passwordSecret and pgpassfile can be specified passwordSecret: name: postgres-exporter-secret key: password # postgres_exporter.yml postgresExporter: | auth_modules: pg_monitoring: type: userpass userpass: username: "${DATA_SOURCE_USER}" password: "${DATA_SOURCE_PASS}" options: sslmode: disable nodeSelector: node-role.kubernetes.io/worker: "" annotations: vault.security.banzaicloud.io/vault-addr: "https://vault.avroid.tech" vault.security.banzaicloud.io/vault-role: "cloud-prod" vault.security.banzaicloud.io/vault-skip-verify: "false" vault.security.banzaicloud.io/vault-path: "avroid-office" # Labels and annotations to attach to the deployment resource deployment: annotations: vault.security.banzaicloud.io/vault-addr: "https://vault.avroid.tech" vault.security.banzaicloud.io/vault-role: "cloud-prod" vault.security.banzaicloud.io/vault-skip-verify: "false" vault.security.banzaicloud.io/vault-path: "avroid-office"