cert-manager-csi-driver
Helm chart
Request a free trial
Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.
Tag:
1
metrics:
2
# Enable the metrics server on csi-driver pods.
3
# If false, the metrics server will be disabled and the other metrics fields below will be ignored.
4
enabled: true
5
# The TCP port on which the metrics server will listen.
6
port: 9402
7
podmonitor:
8
# Create a PodMonitor to add csi-driver to Prometheus if you are using Prometheus Operator.
9
# See https://prometheus-operator.dev/docs/operator/api/#monitoring.coreos.com/v1.PodMonitor
10
enabled: false
11
# The namespace that the pod monitor should live in, defaults
12
# to the cert-manager-csi-driver namespace.
13
# +docs:property
14
# namespace: cert-manager
15
16
# Specifies the `prometheus` label on the created PodMonitor. This is
17
# used when different Prometheus instances have label selectors matching
18
# different PodMonitors.
19
prometheusInstance: default
20
# The interval to scrape metrics.
21
interval: 60s
22
# The timeout before a metrics scrape fails.
23
scrapeTimeout: 30s
24
# Additional labels to add to the PodMonitor.
25
labels: {}
26
# Additional annotations to add to the PodMonitor.
27
annotations: {}
28
# Keep labels from scraped data, overriding server-side labels.
29
honorLabels: false
30
# EndpointAdditionalProperties allows setting additional properties on the
31
# endpoint such as relabelings, metricRelabelings etc.
32
#
33
# For example:
34
# endpointAdditionalProperties:
35
# relabelings:
36
# - action: replace
37
# sourceLabels:
38
# - __meta_kubernetes_pod_node_name
39
# targetLabel: instance
40
#
41
# +docs:property
42
endpointAdditionalProperties: {}
43
image:
44
# Target image registry. This value is prepended to the target image repository, if set.
45
# For example:
46
# registry: quay.io
47
# repository: jetstack/cert-manager-csi-driver
48
# +docs:property
49
# registry: quay.io
50
51
# Target image repository.
52
repository: chainguard-private/cert-manager-csi-driver
53
# Override the image tag to deploy by setting this variable.
54
# If no value is set, the chart's appVersion is used.
55
# +docs:property
56
# tag: vX.Y.Z
57
58
# Target image digest. Override any tag, if set.
59
# For example:
60
# digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20
61
# +docs:property
62
# digest: sha256:...
63
64
# Kubernetes imagePullPolicy on Deployment.
65
pullPolicy: IfNotPresent
66
tag: latest
67
registry: chainreg.biz
68
digest: sha256:1da14d0c91b56dca5dfb8f1bae70753cf2f7f0ee0d00043c676d30196f4a03f3
69
# Optional secrets used for pulling the csi-driver container image.
70
#
71
# For example:
72
# imagePullSecrets:
73
# - name: secret-name
74
imagePullSecrets: []
75
# Labels to apply to all resources.
76
commonLabels: {}
77
nodeDriverRegistrarImage:
78
# Target image registry. This value is prepended to the target image repository, if set.
79
# For example:
80
# registry: registry.k8s.io
81
# repository: sig-storage/csi-node-driver-registrar
82
# +docs:property
83
# registry: registry.k8s.io
84
85
# Target image repository.
86
repository: chainguard-private/kubernetes-csi-node-driver-registrar
87
# Override the image tag to deploy by setting this variable.
88
# If no value is set, the chart's appVersion is used.
89
# +docs:property
90
tag: latest
91
# Target image digest. Override any tag, if set.
92
# For example:
93
# digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20
94
# +docs:property
95
# digest: sha256:...
96
97
# Kubernetes imagePullPolicy on Deployment.
98
pullPolicy: IfNotPresent
99
registry: chainreg.biz
100
digest: sha256:f8b8284766b16926f4a57ff5a6ebb583d4c5a80ac7f2622c2b29a334c8f08735
101
livenessProbeImage:
102
# Target image registry. This value is prepended to the target image repository, if set.
103
# For example:
104
# registry: registry.k8s.io
105
# repository: sig-storage/livenessprobe
106
# +docs:property
107
# registry: registry.k8s.io
108
109
# Target image repository.
110
repository: chainguard-private/kubernetes-csi-livenessprobe
111
# Override the image tag to deploy by setting this variable.
112
# If no value is set, the chart's appVersion is used.
113
# +docs:property
114
tag: latest
115
# Target image digest. Override any tag, if set.
116
# For example:
117
# digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20
118
# +docs:property
119
# digest: sha256:...
120
121
# Kubernetes imagePullPolicy on Deployment.
122
pullPolicy: IfNotPresent
123
registry: chainreg.biz
124
digest: sha256:a90c9789fc7f532d06849d1dd851e7cd4cc5d024691d1e86bf67b1123f4b635f
125
app:
126
# Verbosity of cert-manager-csi-driver logging.
127
logLevel: 1 # 1-5
128
# Options for CSI driver.
129
driver:
130
# Name of the driver to be registered with Kubernetes.
131
name: csi.cert-manager.io
132
# If enabled, this uses a CSI token request for creating
133
# CertificateRequests. CertificateRequests are created by mounting the
134
# pod's service accounts.
135
useTokenRequest: false
136
# Configures the hostPath directory that the driver writes and mounts volumes from.
137
csiDataDir: /tmp/cert-manager-csi-driver
138
# Options for the liveness container.
139
livenessProbe:
140
# The port that will expose the liveness of the csi-driver.
141
port: 9809
142
# Overrides the path to root kubelet directory in case of a non-standard Kubernetes install.
143
kubeletRootDir: /var/lib/kubelet
144
# Optional additional annotations to add to the csi-driver DaemonSet.
145
daemonSetAnnotations: {}
146
# Optional additional annotations to add to the csi-driver pods.
147
podAnnotations: {}
148
# Optional additional labels to add to the csi-driver pods.
149
podLabels: {}
150
# Kubernetes pod resources requests/limits for cert-manager-csi-driver.
151
#
152
# For example:
153
# resources:
154
# limits:
155
# cpu: 100m
156
# memory: 128Mi
157
# requests:
158
# cpu: 100m
159
# memory: 128Mi
160
resources: {}
161
# Kubernetes node selector: node labels for pod assignment.
162
# +docs:property=nodeSelector
163
nodeSelector:
164
kubernetes.io/os: linux
165
# Kubernetes affinity: constraints for pod assignment.
166
#
167
# For example:
168
# affinity:
169
# nodeAffinity:
170
# requiredDuringSchedulingIgnoredDuringExecution:
171
# nodeSelectorTerms:
172
# - matchExpressions:
173
# - key: foo.bar.com/role
174
# operator: In
175
# values:
176
# - master
177
affinity: {}
178
# Kubernetes pod tolerations for cert-manager-csi-driver.
179
#
180
# For example:
181
# tolerations:
182
# - operator: "Exists"
183
tolerations: []
184
# Optional priority class to be used for the csi-driver pods.
185
priorityClassName: ""
186
openshift:
187
securityContextConstraint:
188
# Include RBAC to allow the DaemonSet to "use" the specified
189
# SecurityContextConstraints.
190
#
191
# This value can either be a boolean true or false, or the string "detect".
192
# If set to "detect" then the securityContextConstraint is automatically
193
# enabled for openshift installs.
194
#
195
# +docs:type=boolean,string,null
196
enabled: detect
197
# Name of the SecurityContextConstraints to create RBAC for.
198
name: privileged
199
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.