From 2ab13a20487e943bf3d01c6ece0fa04c11feb619 Mon Sep 17 00:00:00 2001
From: Cornelis Boon
Date: Sat, 9 Mar 2024 00:15:35 +0100
Subject: [PATCH] add first version of gke-starter values file
Signed-off-by: Cornelis Boon
---
charts/flyte-binary/gke-starter.yaml | 119 +++++++++++++++++++++++++++
1 file changed, 119 insertions(+)
create mode 100644 charts/flyte-binary/gke-starter.yaml
diff --git a/charts/flyte-binary/gke-starter.yaml b/charts/flyte-binary/gke-starter.yaml
new file mode 100644
index 00000000000..bc99cf2defd
--- /dev/null
+++ b/charts/flyte-binary/gke-starter.yaml
@@ -0,0 +1,119 @@
+# configuration Specify configuration for Flyte
+configuration:
+ # database Specify configuration for Flyte's database connection
+ database:
+ # username Name for user to connect to database as
+ username: postgres
+ # password Password to connect to database with
+ # If set, a Secret will be created with this value and mounted to Flyte pod
+ password: ""
+ # host Hostname of database instance
+ host: 127.0.0.1
+ # dbname Name of database to use
+ dbname: flyteadmin
+ # storage Specify configuration for object store
+ storage:
+ # metadataContainer Bucket to store Flyte metadata
+ metadataContainer: "my-organization-flyte-container"
+ # userDataContainer Bucket to store Flyte user data
+ userDataContainer: "my-organization-flyte-container"
+ # provider Object store provider (Supported values: s3, gcs)
+ provider: gcs
+ # providerConfig Additional object store provider-specific configuration
+ providerConfig:
+ # gcs Provider configuration for GCS object store
+ gcs:
+ # project Google Cloud project in which bucket resides
+ project: "my-organization-gcp-project"
+ # logging Specify configuration for logs emitted by Flyte
+ logging:
+ # level Set the log level
+ level: 5
+ # plugins Specify additional logging plugins
+ plugins:
+ # stackdriver Configure logging plugin to have logs visible in StackDriver
+ stackdriver:
+ enabled: true
+ templateUri: |
+ https://console.cloud.google.com/logs/query;query=resource.labels.pod_name={{.podName}}×tamp>{{.podRFC3339StartTime}}
+ # auth Specify configuration for Flyte authentication
+ auth:
+ # enabled Enable Flyte authentication
+ enabled: false
+ # oidc OIDC configuration for Flyte authentication
+ oidc:
+ # baseUrl URL for OIDC provider
+ baseUrl: ""
+ # clientId Flyte application client ID
+ clientId: ""
+ # clientSecret Flyte application client secret
+ clientSecret: ""
+ # internal Configuration for internal authentication
+ # The settings for internal still need to be defined if you wish to use an external auth server
+ # These credentials are used during communication between the FlyteAdmin and Propeller microservices
+ internal:
+ # clientId Client ID for internal authentication - set to flytepropeller or external auth server
+ clientId: flytepropeller
+ # clientSecret Client secret for internal authentication
+ clientSecret: ""
+ # clientSecretHash Bcrypt hash of clientSecret
+ clientSecretHash: ""
+ # authorizedUris Set of URIs that clients are allowed to visit the service on
+ authorizedUris: []
+
+ # inline Specify additional configuration or overrides for Flyte, to be merged with the base configuration
+ inline:
+ #This section automates the IAM Role annotation for the default KSA on each project namespace to enable IRSA
+ #Learn more: https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html
+ cluster_resources:
+ customData:
+ - production:
+ - defaultIamServiceAccount:
+ value:
+ - staging:
+ - defaultIamServiceAccount:
+ value:
+ - development:
+ - defaultIamServiceAccount:
+ value:
+ plugins:
+ k8s:
+ inject-finalizer: true
+ default-env-vars:
+ - AWS_METADATA_SERVICE_TIMEOUT: 5
+ - AWS_METADATA_SERVICE_NUM_ATTEMPTS: 20
+ # Configuration for the Datacatalog engine, used when caching is enabled
+ # Learn more: https://docs.flyte.org/en/latest/deployment/configuration/generated/datacatalog_config.html
+ storage:
+ cache:
+ max_size_mbs: 10
+ target_gc_percent: 100
+ tasks:
+ task-plugins:
+ enabled-plugins:
+ - container
+ - sidecar
+ - K8S-ARRAY #used for MapTasks
+ default-for-task-types:
+ - container: container
+ - container_array: K8S-ARRAY
+
+# clusterResourceTemplates Specify templates for Kubernetes resources that should be created for new Flyte projects
+clusterResourceTemplates:
+ # inline Specify additional cluster resource templates, to be merged with the base configuration
+ inline:
+ #This section automates the creation of the project-domain namespaces
+ 001_namespace.yaml: |
+ apiVersion: v1
+ kind: Namespace
+ metadata:
+ name: '{{ namespace }}'
+ # This block performs the automated annotation of KSAs across all project-domain namespaces
+ 002_serviceaccount.yaml: |
+ apiVersion: v1
+ kind: ServiceAccount
+ metadata:
+ name: default
+ namespace: '{{ namespace }}'
+ annotations:
+ iam.gke.io/gcp-service-account: '{{ defaultIamServiceAccount }}'
\ No newline at end of file
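Review bot: The `cluster_resources.customData` entries leave every `defaultIamServiceAccount.value` empty, yet `002_serviceaccount.yaml` substitutes that value into the `iam.gke.io/gcp-service-account` annotation on the `default` ServiceAccount of each project-domain namespace, so as written the annotation names no Google service account; give each domain a labelled placeholder such as `value: "<gsa-name>@<gcp-project-id>.iam.gserviceaccount.com"`. Because the annotation sits on the `default` KSA, any pod in the namespace that does not set its own service account can act as that Google account once the Workload Identity binding exists, so a comment should say the account is to be granted only the bucket access Flyte tasks need. The two comments above `cluster_resources` still describe AWS IRSA and link to the EKS user guide, and `default-env-vars` sets `AWS_METADATA_SERVICE_TIMEOUT` and `AWS_METADATA_SERVICE_NUM_ATTEMPTS`, which looks carried over from an EKS values file; replace the comment with `# Annotates the default KSA in each project namespace with a Google service account for GKE Workload Identity` and drop the AWS variables if nothing on GKE reads them. The file also ships `auth.enabled: false` and an empty `password` for the `postgres` user, which deserves a comment stating these are starter defaults to replace before the deployment is reachable by anyone else.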