ext-secrets initial

2026-01-25 20:23:01 +01:00
parent dce92aeb28
commit e7f648cf57
3 changed files with 138 additions and 0 deletions
--- a/09_ExternalSecrets/external-secrets-values.yaml
+++ b/09_ExternalSecrets/external-secrets-values.yaml
@@ -0,0 +1,51 @@
+# External Secrets Operator resource configuration
+# Based on Goldilocks recommendations (Burstable QoS)
+
+podSecurityContext:
+  runAsNonRoot: true
+  runAsUser: 1000
+  runAsGroup: 1000
+  fsGroup: 1000
+  seccompProfile:
+    type: RuntimeDefault
+
+# Main controller
+resources:
+  requests:
+    cpu: 15m
+    memory: 192Mi
+  limits:
+    cpu: 50m
+    memory: 256Mi
+
+certController:
+  podSecurityContext:
+    runAsNonRoot: true
+    runAsUser: 1000
+    runAsGroup: 1000
+    fsGroup: 1000
+    seccompProfile:
+      type: RuntimeDefault
+  resources:
+    requests:
+      cpu: 15m
+      memory: 192Mi
+    limits:
+      cpu: 50m
+      memory: 256Mi
+
+webhook:
+  podSecurityContext:
+    runAsNonRoot: true
+    runAsUser: 1000
+    runAsGroup: 1000
+    fsGroup: 1000
+    seccompProfile:
+      type: RuntimeDefault
+  resources:
+    requests:
+      cpu: 15m
+      memory: 128Mi
+    limits:
+      cpu: 50m
+      memory: 256Mi