bases:
- environments.yaml
---
repositories:
- name: "bitnami"
  url: "https://charts.bitnami.com/bitnami"

releases:
#   - https://github.com/bitnami/charts/tree/master/bitnami/external-dns
#   - https://github.com/bitnami/charts/blob/master/bitnami/external-dns/values-production.yaml
#   - (obsolete) https://github.com/kubernetes/charts/blob/master/stable/external-dns
- name: "external-dns"
  namespace: "kube-system"
  labels:
    chart: "external-dns"
    repo: "stable"
    component: "dns"
    namespace: "kube-system"
    vendor: "kubernetes"
  chart: "bitnami/external-dns"
  version: {{ .Values.chart_version | quote }}
  wait: true
  timeout: 180
  atomic: true
  cleanupOnFail: true
  installed: {{ .Values.installed }}
  values:
    - sources:
      - service
      - ingress
      {{- /* We test for eq true (which may seem redundant) so that
         we see an error when the value is a string instead of a bool,
         otherwise "false" would evaluate as true. */ -}}
      {{- if or (index .Values "istio_enabled") false | eq true }}
      - istio-gateway
      {{- end }}
      {{- if .Values.crd_enabled | eq true }}
      - crd
      {{- end }}
      txtOwnerId: {{ printf "%s-%s" .Values.txt_prefix  .Values.stage | quote }}
      txtPrefix: {{ printf "%s-%s-" .Values.txt_prefix  .Values.stage | quote }}
      publishInternalServices: {{ .Values.publishInternalServices }}
      policy:  {{ .Values.policy | quote }}
      provider: {{ .Values.provider | quote }}
      podAnnotations:
        cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
      crd:
        ## Install and use the integrated DNSEndpoint CRD
        create: {{ .Values.crd_enabled }}
      resources:
        limits:
          cpu: {{ .Values.limit_cpu | quote }}
          memory: {{ .Values.limit_memory | quote }}
        requests:
          cpu: {{ .Values.request_cpu | quote }}
          memory: {{ .Values.request_memory | quote }}
      rbac:
        create: {{ .Values.rbac_enabled }}
        ## Service Account for pods
        ## https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
        ## RBAC API version
        apiVersion: v1
        ## Podsecuritypolicy
        pspEnabled: false
      serviceAccount:
        name: {{ .Values.service_account_name | quote }}
        ## Annotations for the Service Account
        {{- if .Values.provider | eq "aws" }}
        annotations:
          eks.amazonaws.com/role-arn: {{ printf "arn:aws:iam::%v:role/%v-%v-%v-eks-%v@kube-system" .Values.account_number .Values.namespace .Values.environment .Values.stage .Values.service_account_name | quote }}
        {{- end }}
      aws:
        region: {{ .Values.region | quote }}
        evaluateTargetHealth: false