General
Affinity rules for scheduling the reporter pod. Supports nodeAffinity, podAffinity and podAntiAffinity.
Specifies how to treat concurrent executions of a Job that is created by this CronJob.
The cron schedule at which the reporter is triggered to report to Kosli.
Specifies the number of failed finished jobs to keep.
Overrides the fullname used for the created k8s resources. It has higher precedence than
nameOverride.Overrides the name used for the created k8s resources. If
fullnameOverride is provided, it has higher precedence than this one.Node labels for scheduling the reporter pod. On EKS with Karpenter, use this to pin the reporter to a stable managed node group (e.g.
eks.amazonaws.com/nodegroup: <name>) so it does not interfere with node consolidation. See Running on EKS with Karpenter.Annotations to add to the CronJob object itself. For pod-level annotations (added to each reporter pod), use
podTemplateAnnotations instead.Custom labels to add to pods.
Annotations to add to the reporter pod template (applied to each Job pod that the CronJob creates).
Specifies the number of successful finished jobs to keep.
Tolerations for scheduling the reporter pod, e.g. to run on a dedicated or tainted node group.
Image
The kosli reporter image pull policy.
The kosli reporter image repository.
The kosli reporter image tag, overrides the image tag whose default is the chart appVersion.
Reporter configuration
Whether the dry run mode is enabled or not. In dry run mode, the reporter logs the reports to stdout and does not send them to kosli.
List of Kosli environments to report to. Each entry has required ‘name’ and optional namespace selectors. Use one entry to report a single environment; use multiple entries to report to multiple environments with different selectors. Per entry: name (required), namespaces, namespacesRegex, excludeNamespaces, excludeNamespacesRegex (optional). Leave namespace fields unset for an entry to report the entire cluster to that environment.
The http proxy url.
The name of the Kosli org.
The security context for the reporter cronjob. Set to null or to disable security context entirely (not recommended). For OpenShift with SCC, explicitly set runAsUser to null to let OpenShift assign the UID from the allowed range. Simply omitting runAsUser from your values override will not work because Helm deep-merges with these defaults. Example OpenShift override: securityContext: allowPrivilegeEscalation: false runAsNonRoot: true runAsUser: null.
Whether to allow privilege escalation.
Whether to run as non root.
The user id to run as. For OpenShift environments with SCC, set to null (runAsUser: null) to allow automatic UID assignment. Simply omitting this field will not work due to Helm’s deep merge with chart defaults.
Kosli API token
The name of the key in the secret data which contains the Kosli API token.
The name of the secret containing the kosli API token.
Environment variables
Map of plain environment variables to inject into the reporter container. For a single-tenant Kosli instance, set
KOSLI_HOST to https://INSTANCE_NAME.kosli.com.Additional environment variables to inject into the reporter container. List of
{name, value} or {name, valueFrom} entries, rendered verbatim into the container env. Supports plain values and valueFrom (secretKeyRef / configMapKeyRef). Note: entries here are appended after the chart’s own env entries; on duplicate names the later entry wins.Volumes
Additional container-level volumeMounts for the reporter container. Rendered verbatim into the container spec alongside the chart’s own mounts.
Additional Pod-level volumes to attach to the reporter pod. Rendered verbatim into the Pod spec alongside the chart’s own volumes. Use together with
extraVolumeMounts to mount Secrets, ConfigMaps, or other volumes into the container.Custom CA
Convenience wrapper for mounting a corporate / custom CA bundle. See Running behind a TLS-inspecting proxy for usage.
Enable mounting a corporate/custom CA bundle into the trust store.
Key within the Secret that holds the PEM-formatted CA certificate (single cert or multi-cert PEM bundle).
Name of an existing Secret in the same namespace containing the CA bundle.
Resources
The cpu limit.
The memory limit.
The memory request.
Service account
Annotations to add to the service account.
Specifies whether a service account should be created.
The name of the service account to use. If not set and create is true, a name is generated using the fullname template.
Specifies whether to create a cluster-wide permissions for the service account or namespace-scoped permissions. allowed values are: [cluster, namespace].
Autogenerated from chart metadata using helm-docs v1.14.2.