Helm chart parameters
Controller for the Botkube Slack app which helps you monitor your Kubernetes cluster, debug deployments and run specific checks on resources in the cluster.
Homepage: https://botkube.io
Maintainers​
Name | |
---|---|
Botkube Dev Team | dev-team@botkube.io |
Source Code​
Parameters​
Key | Type | Default | Description |
---|---|---|---|
image.registry | string | "ghcr.io" | Botkube container image registry. |
image.repository | string | "kubeshop/botkube" | Botkube container image repository. |
image.pullPolicy | string | "IfNotPresent" | Botkube container image pull policy. |
image.tag | string | "v0.18.0" | Botkube container image tag. Default tag is appVersion from Chart.yaml. |
podSecurityPolicy | object | {"enabled":false} | Configures Pod Security Policy to allow Botkube to run in restricted clusters. Ref doc. |
securityContext | object | Runs as a Non-Privileged user. | Configures security context to manage user Privileges in Pod. Ref doc. |
containerSecurityContext | object | {"allowPrivilegeEscalation":false,"privileged":false,"readOnlyRootFilesystem":true} | Configures container security context. Ref doc. |
kubeconfig.enabled | bool | false | If true, enables overriding the Kubernetes auth. |
kubeconfig.base64Config | string | "" | A base64 encoded kubeconfig that will be stored in a Secret, mounted to the Pod, and specified in the KUBECONFIG environment variable. |
kubeconfig.existingSecret | string | "" | A Secret containing a kubeconfig to use. |
actions | object | See the values.yaml file for full object. | Map of actions. Action contains configuration for automation based on observed events. The property name under actions object is an alias for a given configuration. You can define multiple actions configuration with different names. |
actions.describe-created-resource.enabled | bool | false | If true, enables the action. |
actions.describe-created-resource.displayName | string | "Describe created resource" | Action display name posted in the channels bound to the same source bindings. |
actions.describe-created-resource.command | string | See the values.yaml file for the command in the Go template form. | Command to execute when the action is triggered. You can use Go template (https://pkg.go.dev/text/template) together with all helper functions defined by Slim-Sprig library (https://go-task.github.io/slim-sprig). You can use the {{ .Event }} variable, which contains the event object that triggered the action. See all available event properties on https://github.com/kubeshop/botkube/blob/main/pkg/event/event.go. |
actions.describe-created-resource.bindings | object | {"executors":["kubectl-read-only"],"sources":["k8s-create-events"]} | Bindings for a given action. |
actions.describe-created-resource.bindings.sources | list | ["k8s-create-events"] | Event sources that trigger a given action. |
actions.describe-created-resource.bindings.executors | list | ["kubectl-read-only"] | Executors configuration used to execute a configured command. |
actions.show-logs-on-error.enabled | bool | false | If true, enables the action. |
actions.show-logs-on-error.displayName | string | "Show logs on error" | Action display name posted in the channels bound to the same source bindings. |
actions.show-logs-on-error.command | string | See the values.yaml file for the command in the Go template form. | Command to execute when the action is triggered. You can use Go template (https://pkg.go.dev/text/template) together with all helper functions defined by Slim-Sprig library (https://go-task.github.io/slim-sprig). You can use the {{ .Event }} variable, which contains the event object that triggered the action. See all available event properties on https://github.com/kubeshop/botkube/blob/main/pkg/event/event.go. |
actions.show-logs-on-error.bindings | object | {"executors":["kubectl-read-only"],"sources":["k8s-err-with-logs-events"]} | Bindings for a given action. |
actions.show-logs-on-error.bindings.sources | list | ["k8s-err-with-logs-events"] | Event sources that trigger a given action. |
actions.show-logs-on-error.bindings.executors | list | ["kubectl-read-only"] | Executors configuration used to execute a configured command. |
sources | object | See the values.yaml file for full object. | Map of sources. Source contains configuration for Kubernetes events and sending recommendations. The property name under sources object is an alias for a given configuration. You can define multiple sources configuration with different names. Key name is used as a binding reference. |
sources.k8s-recommendation-events.kubernetes | object | See the values.yaml file for full object. | Describes Kubernetes source configuration. |
sources.k8s-recommendation-events.kubernetes.recommendations | object | {"ingress":{"backendServiceValid":true,"tlsSecretValid":true},"pod":{"labelsSet":true,"noLatestImageTag":true}} | Describes configuration for various recommendation insights. |
sources.k8s-recommendation-events.kubernetes.recommendations.pod | object | {"labelsSet":true,"noLatestImageTag":true} | Recommendations for Pod Kubernetes resource. |
sources.k8s-recommendation-events.kubernetes.recommendations.pod.noLatestImageTag | bool | true | If true, notifies about Pod containers that use latest tag for images. |
sources.k8s-recommendation-events.kubernetes.recommendations.pod.labelsSet | bool | true | If true, notifies about Pod resources created without labels. |
sources.k8s-recommendation-events.kubernetes.recommendations.ingress | object | {"backendServiceValid":true,"tlsSecretValid":true} | Recommendations for Ingress Kubernetes resource. |
sources.k8s-recommendation-events.kubernetes.recommendations.ingress.backendServiceValid | bool | true | If true, notifies about Ingress resources with invalid backend service reference. |
sources.k8s-recommendation-events.kubernetes.recommendations.ingress.tlsSecretValid | bool | true | If true, notifies about Ingress resources with invalid TLS secret reference. |
sources.k8s-all-events.kubernetes | object | See the values.yaml file for full object. | Describes Kubernetes source configuration. |
sources.k8s-all-events.kubernetes.namespaces | object | {"include":[".*"]} | Describes namespaces for every Kubernetes resources you want to watch or exclude. These namespaces are applied to every resource specified in the resources list. However, every specified resource can override this by using its own namespaces object. |
sources.k8s-all-events.kubernetes.event | object | {"message":"","reason":"","types":["create","delete","error"]} | Describes event constraints for Kubernetes resources. These constraints are applied for every resource specified in the resources list, unless they are overridden by the resource's own events object. |
sources.k8s-all-events.kubernetes.event.types | list | ["create","delete","error"] | Lists all event types to be watched. |
sources.k8s-all-events.kubernetes.event.reason | string | "" | Optional regex to filter events by event reason. |
sources.k8s-all-events.kubernetes.event.message | string | "" | Optional regex to filter events by message. If a given event has multiple messages, it is considered a match if any of the messages match the regex. |
sources.k8s-all-events.kubernetes.annotations | object | {} | Filters Kubernetes resources to watch by annotations. |
sources.k8s-all-events.kubernetes.labels | object | {} | Filters Kubernetes resources to watch by labels. |
sources.k8s-all-events.kubernetes.resources | list | See the values.yaml file for full object. | Describes the Kubernetes resources to watch. Resources are identified by its type in {group}/{version}/{kind (plural)} format. Examples: apps/v1/deployments , v1/pods . Each resource can override the namespaces and event configuration by using dedicated event and namespaces field. Also, each resource can specify its own annotations , labels and name regex. |
sources.k8s-err-events.kubernetes | object | See the values.yaml file for full object. | Describes Kubernetes source configuration. |
sources.k8s-err-events.kubernetes.namespaces | object | {"include":[".*"]} | Describes namespaces for every Kubernetes resources you want to watch or exclude. These namespaces are applied to every resource specified in the resources list. However, every specified resource can override this by using its own namespaces object. |
sources.k8s-err-events.kubernetes.event | object | {"types":["error"]} | Describes event constraints for Kubernetes resources. These constraints are applied for every resource specified in the resources list, unless they are overridden by the resource's own events object. |
sources.k8s-err-events.kubernetes.event.types | list | ["error"] | Lists all event types to be watched. |
sources.k8s-err-events.kubernetes.resources | list | See the values.yaml file for full object. | Describes the Kubernetes resources you want to watch. |
sources.k8s-err-with-logs-events.kubernetes | object | See the values.yaml file for full object. | Describes Kubernetes source configuration. |
sources.k8s-err-with-logs-events.kubernetes.namespaces | object | {"include":[".*"]} | Describes namespaces for every Kubernetes resources you want to watch or exclude. These namespaces are applied to every resource specified in the resources list. However, every specified resource can override this by using its own namespaces object. |
sources.k8s-err-with-logs-events.kubernetes.event | object | {"types":["error"]} | Describes event constraints for Kubernetes resources. These constraints are applied for every resource specified in the resources list, unless they are overridden by the resource's own events object. |
sources.k8s-err-with-logs-events.kubernetes.event.types | list | ["error"] | Lists all event types to be watched. |
sources.k8s-err-with-logs-events.kubernetes.resources | list | See the values.yaml file for full object. | Describes the Kubernetes resources you want to watch. |
sources.k8s-create-events.kubernetes | object | See the values.yaml file for full object. | Describes Kubernetes source configuration. |
sources.k8s-create-events.kubernetes.namespaces | object | {"include":[".*"]} | Describes namespaces for every Kubernetes resources you want to watch or exclude. These namespaces are applied to every resource specified in the resources list. However, every specified resource can override this by using its own namespaces object. |
sources.k8s-create-events.kubernetes.event | object | {"types":["create"]} | Describes event constraints for Kubernetes resources. These constraints are applied for every resource specified in the resources list, unless they are overridden by the resource's own events object. |
sources.k8s-create-events.kubernetes.event.types | list | ["create"] | Lists all event types to be watched. |
sources.k8s-create-events.kubernetes.resources | list | See the values.yaml file for full object. | Describes the Kubernetes resources you want to watch. |
sources.prometheus.botkube/prometheus.enabled | bool | false | If true, enables prometheus source. |
sources.prometheus.botkube/prometheus.config.url | string | "http://localhost:9090" | Prometheus endpoint without api version and resource. |
sources.prometheus.botkube/prometheus.config.ignoreOldAlerts | bool | true | If set as true, Prometheus source plugin will not send alerts that is created before plugin start time. |
sources.prometheus.botkube/prometheus.config.alertStates | list | ["firing","pending","inactive"] | Only the alerts that have state provided in this config will be sent as notification. https://pkg.go.dev/github.com/prometheus/prometheus/rules#AlertState |
sources.prometheus.botkube/prometheus.config.log | object | {"level":"info"} | Logging configuration |
sources.prometheus.botkube/prometheus.config.log.level | string | "info" | Log level |
filters | object | See the values.yaml file for full object. | Filter settings for various sources. Currently, all filters are globally enabled or disabled. You can enable or disable filters with @Botkube enable/disable filters commands. |
filters.kubernetes.objectAnnotationChecker | bool | true | If true, enables support for botkube.io/disable and botkube.io/channel resource annotations. |
filters.kubernetes.nodeEventsChecker | bool | true | If true, filters out Node-related events that are not important. |
executors | object | See the values.yaml file for full object. | Map of executors. Executor contains configuration for running kubectl commands. The property name under executors is an alias for a given configuration. You can define multiple executor configurations with different names. Key name is used as a binding reference. |
executors.kubectl-read-only.kubectl.namespaces.include | list | [".*"] | List of allowed Kubernetes Namespaces for command execution. It can also contain a regex expressions: - ".*" - to specify all Namespaces. |
executors.kubectl-read-only.kubectl.namespaces.exclude | list | [] | List of ignored Kubernetes Namespace. It can also contain a regex expressions: - "test-.*" - to specify all Namespaces. |
executors.kubectl-read-only.kubectl.enabled | bool | false | If true, enables kubectl commands execution. |
executors.kubectl-read-only.kubectl.commands.verbs | list | ["api-resources","api-versions","cluster-info","describe","explain","get","logs","top"] | Configures which kubectl methods are allowed. |
executors.kubectl-read-only.kubectl.commands.resources | list | ["deployments","pods","namespaces","daemonsets","statefulsets","storageclasses","nodes","configmaps","services","ingresses"] | Configures which K8s resource are allowed. |
executors.kubectl-read-only.kubectl.defaultNamespace | string | "default" | Configures the default Namespace for executing Botkube kubectl commands. If not set, uses the 'default'. |
executors.kubectl-read-only.kubectl.restrictAccess | bool | false | If true, enables commands execution from configured channel only. |
executors.helm.botkube/helm.enabled | bool | false | If true, enables helm commands execution. |
executors.helm.botkube/helm.config.helmDriver | string | "secret" | Allowed values are configmap, secret, memory. |
executors.helm.botkube/helm.config.helmConfigDir | string | "/tmp/helm/" | Location for storing Helm configuration. |
executors.helm.botkube/helm.config.helmCacheDir | string | "/tmp/helm/.cache" | Location for storing cached files. Must be under the Helm config directory. |
aliases | object | See the values.yaml file for full object. | Custom aliases for given commands. The aliases are replaced with the underlying command before executing it. Aliases can replace a single word or multiple ones. For example, you can define a k alias for kubectl , or kgp for kubectl get pods . |
existingCommunicationsSecretName | string | "" | Configures existing Secret with communication settings. It MUST be in the botkube Namespace. To reload Botkube once it changes, add label botkube.io/config-watch: "true" . |
communications | object | See the values.yaml file for full object. | Map of communication groups. Communication group contains settings for multiple communication platforms. The property name under communications object is an alias for a given configuration group. You can define multiple communication groups with different names. |
communications.default-group.socketSlack.enabled | bool | false | If true, enables Slack bot. |
communications.default-group.socketSlack.channels | object | {"default":{"bindings":{"executors":["kubectl-read-only","helm"],"sources":["k8s-err-events","k8s-recommendation-events"]},"name":"SLACK_CHANNEL"}} | Map of configured channels. The property name under channels object is an alias for a given configuration. |
communications.default-group.socketSlack.channels.default.name | string | "SLACK_CHANNEL" | Slack channel name without '#' prefix where you have added Botkube and want to receive notifications in. |
communications.default-group.socketSlack.channels.default.bindings.executors | list | ["kubectl-read-only","helm"] | Executors configuration for a given channel. |
communications.default-group.socketSlack.channels.default.bindings.sources | list | ["k8s-err-events","k8s-recommendation-events"] | Notification sources configuration for a given channel. |
communications.default-group.socketSlack.botToken | string | "" | Slack bot token for your own Slack app. Ref doc. |
communications.default-group.socketSlack.appToken | string | "" | Slack app-level token for your own Slack app. Ref doc. |
communications.default-group.socketSlack.notification.type | string | "short" | Configures notification type that are sent. Possible values: short , long . |
communications.default-group.mattermost.enabled | bool | false | If true, enables Mattermost bot. |
communications.default-group.mattermost.botName | string | "Botkube" | User in Mattermost which belongs the specified Personal Access token. |
communications.default-group.mattermost.url | string | "MATTERMOST_SERVER_URL" | The URL (including http/https schema) where Mattermost is running. e.g https://example.com:9243 |
communications.default-group.mattermost.token | string | "MATTERMOST_TOKEN" | Personal Access token generated by Botkube user. |
communications.default-group.mattermost.team | string | "MATTERMOST_TEAM" | The Mattermost Team name where Botkube is added. |
communications.default-group.mattermost.channels | object | {"default":{"bindings":{"executors":["kubectl-read-only","helm"],"sources":["k8s-err-events","k8s-recommendation-events"]},"name":"MATTERMOST_CHANNEL","notification":{"disabled":false}}} | Map of configured channels. The property name under channels object is an alias for a given configuration. |
communications.default-group.mattermost.channels.default.name | string | "MATTERMOST_CHANNEL" | The Mattermost channel name for receiving Botkube alerts. The Botkube user needs to be added to it. |
communications.default-group.mattermost.channels.default.notification.disabled | bool | false | If true, the notifications are not sent to the channel. They can be enabled with @Botkube command anytime. |
communications.default-group.mattermost.channels.default.bindings.executors | list | ["kubectl-read-only","helm"] | Executors configuration for a given channel. |
communications.default-group.mattermost.channels.default.bindings.sources | list | ["k8s-err-events","k8s-recommendation-events"] | Notification sources configuration for a given channel. |
communications.default-group.mattermost.notification.type | string | "short" | Configures notification type that are sent. Possible values: short , long . |
communications.default-group.teams.enabled | bool | false | If true, enables MS Teams bot. |
communications.default-group.teams.botName | string | "Botkube" | The Bot name set while registering Bot to MS Teams. |
communications.default-group.teams.appID | string | "APPLICATION_ID" | The Botkube application ID generated while registering Bot to MS Teams. |
communications.default-group.teams.appPassword | string | "APPLICATION_PASSWORD" | The Botkube application password generated while registering Bot to MS Teams. |
communications.default-group.teams.bindings.executors | list | ["kubectl-read-only","helm"] | Executor bindings apply to all MS Teams channels where Botkube has access to. |
communications.default-group.teams.bindings.sources | list | ["k8s-err-events","k8s-recommendation-events"] | Source bindings apply to all channels which have notification turned on with @Botkube enable notifications command. |
communications.default-group.teams.messagePath | string | "/bots/teams" | The path in endpoint URL provided while registering Botkube to MS Teams. |
communications.default-group.teams.port | int | 3978 | The Service port for bot endpoint on Botkube container. |
communications.default-group.discord.enabled | bool | false | If true, enables Discord bot. |
communications.default-group.discord.token | string | "DISCORD_TOKEN" | Botkube Bot Token. |
communications.default-group.discord.botID | string | "DISCORD_BOT_ID" | Botkube Application Client ID. |
communications.default-group.discord.channels | object | {"default":{"bindings":{"executors":["kubectl-read-only","helm"],"sources":["k8s-err-events","k8s-recommendation-events"]},"id":"DISCORD_CHANNEL_ID","notification":{"disabled":false}}} | Map of configured channels. The property name under channels object is an alias for a given configuration. |
communications.default-group.discord.channels.default.id | string | "DISCORD_CHANNEL_ID" | Discord channel ID for receiving Botkube alerts. The Botkube user needs to be added to it. |
communications.default-group.discord.channels.default.notification.disabled | bool | false | If true, the notifications are not sent to the channel. They can be enabled with @Botkube command anytime. |
communications.default-group.discord.channels.default.bindings.executors | list | ["kubectl-read-only","helm"] | Executors configuration for a given channel. |
communications.default-group.discord.channels.default.bindings.sources | list | ["k8s-err-events","k8s-recommendation-events"] | Notification sources configuration for a given channel. |
communications.default-group.discord.notification.type | string | "short" | Configures notification type that are sent. Possible values: short , long . |
communications.default-group.elasticsearch.enabled | bool | false | If true, enables Elasticsearch. |
communications.default-group.elasticsearch.awsSigning.enabled | bool | false | If true, enables awsSigning using IAM for Elasticsearch hosted on AWS. Make sure AWS environment variables are set. Ref doc. |
communications.default-group.elasticsearch.awsSigning.awsRegion | string | "us-east-1" | AWS region where Elasticsearch is deployed. |
communications.default-group.elasticsearch.awsSigning.roleArn | string | "" | AWS IAM Role arn to assume for credentials, use this only if you don't want to use the EC2 instance role or not running on AWS instance. |
communications.default-group.elasticsearch.server | string | "ELASTICSEARCH_ADDRESS" | The server URL, e.g https://example.com:9243 |
communications.default-group.elasticsearch.username | string | "ELASTICSEARCH_USERNAME" | Basic Auth username. |
communications.default-group.elasticsearch.password | string | "ELASTICSEARCH_PASSWORD" | Basic Auth password. |
communications.default-group.elasticsearch.skipTLSVerify | bool | false | If true, skips the verification of TLS certificate of the Elastic nodes. It's useful for clusters with self-signed certificates. |
communications.default-group.elasticsearch.indices | object | {"default":{"bindings":{"sources":["k8s-err-events","k8s-recommendation-events"]},"name":"botkube","replicas":0,"shards":1,"type":"botkube-event"}} | Map of configured indices. The indices property name is an alias for a given configuration. |
communications.default-group.elasticsearch.indices.default.name | string | "botkube" | Configures Elasticsearch index settings. |
communications.default-group.elasticsearch.indices.default.bindings.sources | list | ["k8s-err-events","k8s-recommendation-events"] | Notification sources configuration for a given index. |
communications.default-group.webhook.enabled | bool | false | If true, enables Webhook. |
communications.default-group.webhook.url | string | "WEBHOOK_URL" | The Webhook URL, e.g.: https://example.com:80 |
communications.default-group.webhook.bindings.sources | list | ["k8s-err-events","k8s-recommendation-events"] | Notification sources configuration for the webhook. |
communications.default-group.slack | object | See the values.yaml file for full object. | Settings for deprecated Slack integration. DEPRECATED: Legacy Slack integration has been deprecated and removed from the Slack App Directory. Use socketSlack instead. Read more here: https://docs.botkube.io/installation/slack/ |
settings.clusterName | string | "not-configured" | Cluster name to differentiate incoming messages. |
settings.lifecycleServer | object | {"enabled":true,"port":2113} | Server configuration which exposes functionality related to the app lifecycle. |
settings.healthPort | int | 2114 | |
settings.upgradeNotifier | bool | true | If true, notifies about new Botkube releases. |
settings.log.level | string | "info" | Sets one of the log levels. Allowed values: info , warn , debug , error , fatal , panic . |
settings.log.disableColors | bool | false | If true, disable ANSI colors in logging. |
settings.systemConfigMap | object | {"name":"botkube-system"} | Botkube's system ConfigMap where internal data is stored. |
settings.persistentConfig | object | {"runtime":{"configMap":{"annotations":{},"name":"botkube-runtime-config"},"fileName":"_runtime_state.yaml"},"startup":{"configMap":{"annotations":{},"name":"botkube-startup-config"},"fileName":"_startup_state.yaml"}} | Persistent config contains ConfigMap where persisted configuration is stored. The persistent configuration is evaluated from both chart upgrade and Botkube commands used in runtime. |
ssl.enabled | bool | false | If true, specify cert path in config.ssl.cert property or K8s Secret in config.ssl.existingSecretName . |
ssl.existingSecretName | string | "" | Using existing SSL Secret. It MUST be in botkube Namespace. |
ssl.cert | string | "" | SSL Certificate file e.g certs/my-cert.crt. |
service | object | {"name":"metrics","port":2112,"targetPort":2112} | Configures Service settings for ServiceMonitor CR. |
ingress | object | {"annotations":{"kubernetes.io/ingress.class":"nginx"},"create":false,"host":"HOST","tls":{"enabled":false,"secretName":""}} | Configures Ingress settings that exposes MS Teams endpoint. Ref doc. |
serviceMonitor | object | {"enabled":false,"interval":"10s","labels":{},"path":"/metrics","port":"metrics"} | Configures ServiceMonitor settings. Ref doc. |
deployment.annotations | object | {} | Extra annotations to pass to the Botkube Deployment. |
extraAnnotations | object | {} | Extra annotations to pass to the Botkube Pod. |
extraLabels | object | {} | Extra labels to pass to the Botkube Pod. |
priorityClassName | string | "" | Priority class name for the Botkube Pod. |
nameOverride | string | "" | Fully override "botkube.name" template. |
fullnameOverride | string | "" | Fully override "botkube.fullname" template. |
resources | object | {} | The Botkube Pod resource request and limits. We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. Ref docs |
extraEnv | list | [] | Extra environment variables to pass to the Botkube container. Ref docs. |
extraVolumes | list | [] | Extra volumes to pass to the Botkube container. Mount it later with extraVolumeMounts. Ref docs. |
extraVolumeMounts | list | [] | Extra volume mounts to pass to the Botkube container. Ref docs. |
nodeSelector | object | {} | Node labels for Botkube Pod assignment. Ref doc. |
tolerations | list | [] | Tolerations for Botkube Pod assignment. Ref doc. |
affinity | object | {} | Affinity for Botkube Pod assignment. Ref doc. |
rbac | object | {"create":true,"rules":[{"apiGroups":["*"],"resources":["*"],"verbs":["get","watch","list"]}]} | Role Based Access for Botkube Pod. Ref doc. |
serviceAccount.create | bool | true | If true, a ServiceAccount is automatically created. |
serviceAccount.name | string | "" | The name of the service account to use. If not set, a name is generated using the fullname template. |
serviceAccount.annotations | object | {} | Extra annotations for the ServiceAccount. |
extraObjects | list | [] | Extra Kubernetes resources to create. Helm templating is allowed as it is evaluated before creating the resources. |
analytics.disable | bool | false | If true, sending anonymous analytics is disabled. To learn what date we collect, see Privacy Policy. |
configWatcher.enabled | bool | true | If true, restarts the Botkube Pod on config changes. |
configWatcher.tmpDir | string | "/tmp/watched-cfg/" | Directory, where watched configuration resources are stored. |
configWatcher.initialSyncTimeout | int | 0 | Timeout for the initial Config Watcher sync. If set to 0, waiting for Config Watcher sync will be skipped. In a result, configuration changes may not reload Botkube app during the first few seconds after Botkube startup. |
configWatcher.image.registry | string | "ghcr.io" | Config watcher image registry. |
configWatcher.image.repository | string | "kubeshop/k8s-sidecar" | Config watcher image repository. |
configWatcher.image.tag | string | "ignore-initial-events" | Config watcher image tag. |
configWatcher.image.pullPolicy | string | "IfNotPresent" | Config watcher image pull policy. |
plugins | object | {"cacheDir":"/tmp","repositories":{"botkube":{"url":"https://github.com/kubeshop/botkube/releases/download/v0.18.0/plugins-index.yaml"}}} | Configuration for Botkube executors and sources plugins. |
plugins.cacheDir | string | "/tmp" | Directory, where downloaded plugins are cached. |
plugins.repositories | object | {"botkube":{"url":"https://github.com/kubeshop/botkube/releases/download/v0.18.0/plugins-index.yaml"}} | List of plugins repositories. |
plugins.repositories.botkube | object | {"url":"https://github.com/kubeshop/botkube/releases/download/v0.18.0/plugins-index.yaml"} | This repository serves officially supported Botkube plugins. |
config | object | {"provider":{"endpoint":"","identifier":""}} | Configuration for remote Botkube settings |
config.provider | object | {"endpoint":"","identifier":""} | Base provider definition |
config.provider.identifier | string | "" | Unique identifier for remote Botkube settings |
config.provider.endpoint | string | "" | Endpoint to fetch Botkube settings from |
AWS IRSA on EKS support​
AWS has introduced IAM Role for Service Accounts in order to provide fine-grained access. This is useful if you are looking to run Botkube inside an EKS cluster. For more details visit https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html.
Annotate the Botkube Service Account as shown in the example below and add the necessary Trust Relationship to the corresponding Botkube role to get this working.
serviceAccount:
annotations:
eks.amazonaws.com/role-arn: "{role_arn_to_assume}"