From 90394aab3b36db81c9c4e62ec410d90678142495 Mon Sep 17 00:00:00 2001 From: Mateusz Szostok Date: Thu, 21 Jul 2022 13:24:55 +0200 Subject: [PATCH] Update configuration related docs (#102) --- content/configuration/_index.md | 105 ++++++++++- content/configuration/communication/_index.md | 55 ++---- content/configuration/global.md | 42 +++++ .../configuration/helm-chart-parameters.md | 178 +++++++++--------- content/configuration/resource.md | 37 +--- content/contribute/_index.md | 11 +- content/examples/_index.md | 24 +-- content/installation/Discord/_index.md | 4 +- content/installation/ElasticSearch/_index.md | 2 +- content/installation/Mattermost/_index.md | 2 +- content/installation/Slack/_index.md | 2 +- content/installation/Teams/_index.md | 2 +- content/installation/Webhook/_index.md | 2 +- content/usage/_index.md | 8 +- 14 files changed, 282 insertions(+), 192 deletions(-) create mode 100644 content/configuration/global.md diff --git a/content/configuration/_index.md b/content/configuration/_index.md index c5924281..7b0dac6b 100644 --- a/content/configuration/_index.md +++ b/content/configuration/_index.md @@ -2,23 +2,120 @@ title: "Configuration" date: 2019-01-08T17:58:08+05:30 draft: false -weight: 10 +weight: 20 --- -BotKube backend allows you to specify the [resource](/configuration/resource) and [communication](/configuration/communication) settings. Check the individual documents for more detailed explanation on how to provide those configurations. +BotKube backend allows you to specify [resource](/configuration/resource), [communication](/configuration/communication), and [global](/configuration/global) settings. Check the related documents for more detailed explanation. + +The configuration settings are read from two sources: + +- the configuration files specified by the `BOTKUBE_CONFIG_PATHS` environment variable or `--config/-c` flag. For example: + + ```bash + export BOTKUBE_CONFIG_PATHS="global.yaml,team-b-specific.yaml" + # or + ./botkube --config "global.yaml,team-b-specific.yaml" + ``` + + {{% notice note %}} + You can split individual settings into multiple configuration files. The priority will be given to the last (right-most) file specified. See the [merging strategy](#merging-strategy) section for more details. + {{% /notice%}} + +- the exported [environment variables](#environment-variables) that overrides the configuration specified in the files. ### Updating the configuration at runtime You can update the configuration and use `helm upgrade` to update configuration values for the BotKube. -You can also change resource configuration directly in ConfigMap - which is not recommended but is great for quick experimentation. +You can also change configuration directly in ConfigMap and Secret - is not recommended but is great for quick experimentation. + +```bash +# Change resources related settings +kubectl edit configmap botkube-global-config -n botkube +``` ```bash -$ kubectl edit configmap botkube-configmap -n botkube +# Change communication related settings +kubectl edit secret botkube-communication-secret -n botkube ``` + This command opens ConfigMap `specs` in default editor. Do the required changes, save and exit. The BotKube Pod will automatically restart to have these configurations in effect. ## Helm install options Advanced Helm install options are documented [here](/configuration/helm-chart-parameters). + +## Environment variables + +The individual communication settings can be specified via environment variables. They take priority and override the configuration specified in the file. + +To construct the environment variable name, take any property from the configuration file and make it uppercase. Use the underscore for properties that are nested. Use the double underscore for all camelCase properties. Finally, add the `BOTKUBE_` prefix. + +For example, such configuration property from YAML: + +```yaml +settings: + kubectl: + defaultNamespace: 'NAMESPACE' +``` + +is mapped to the `BOTKUBE_SETTINGS_KUBECTL_DEFAULT__NAMESPACE` environment variable. + +This is a useful feature that allows you to store the overall configuration in a file, where sensitive data, such as tokens, can be put in environment variables. See the [**Tokens from Vault via CSI driver**](/configuration/communication/vault-csi/) tutorial for an example use-case. + +## Merging strategy + +BotKube allows you to split individual settings into multiple configuration files. The following rules apply: +- The priority will be given to the last (right-most) file specified. +- Objects are merged together and primitive fields are overridden. For example: + ```yaml + # a.yaml - first file + settings: + clusterName: dev-cluster + configWatcher: true + kubectl: + enabled: false + ``` + ```yaml + # b.yaml - second file + settings: + kubectl: + enabled: true + ``` + + ```yaml + # result + settings: + clusterName: dev-cluster + configWatcher: true + kubectl: + enabled: true + ``` + +- The arrays items are not merged, they are overridden. For example: + + ```yaml + # a.yaml + settings: + kubectl: + enabled: true + commands: + verbs: ["api-resources", "api-versions", "cluster-info", "describe", "diff", "explain", "get", "logs", "top", "auth"] + ``` + ```yaml + # b.yaml + settings: + kubectl: + commands: + verbs: ["get", "logs", "top", "auth"] + ``` + + ```yaml + # b.yaml + settings: + kubectl: + enabled: true + commands: + verbs: ["get", "logs", "top", "auth"] + ``` diff --git a/content/configuration/communication/_index.md b/content/configuration/communication/_index.md index e91c925d..17f07359 100644 --- a/content/configuration/communication/_index.md +++ b/content/configuration/communication/_index.md @@ -1,21 +1,15 @@ --- menutitle: "Communication" title: "Communication" -weight: 30 +weight: 10 --- -BotKube backend reads communication settings from two sources: -- the [comm_config.yaml](#file-syntax) file placed in the directory specified by the **CONFIG_PATH** environment variable, -- the exported [environment variables](#environment-variables). They take priority and override the configuration specified in the file. +The communication settings contains: +- Communication platforms configuration, +- Option to toggle notification type to short or long. -## File syntax - -The communication configuration file contains: - -- communication platforms configuration, - -- option to toggle notification type to short or long. +## Syntax ```yaml # Communication mediums configuration @@ -28,9 +22,9 @@ communications: # want to receive notifications in token: 'SLACK_API_TOKEN' # Slack token received after installing # BotKube Slack app to a workplace - notiftype: short # Change notification type short/long. - # notiftype is optional and default - # notification type is short (if not specified) + notification: + type: short # Change notification type short/long. + # Type is optional and default is short. # Settings for Mattermost mattermost: @@ -40,8 +34,9 @@ communications: token: 'MATTERMOST_TOKEN' # Personal Access token generated by BotKube user team: 'MATTERMOST_TEAM' # Mattermost Team to configure with BotKube channel: 'MATTERMOST_CHANNEL' # Mattermost Channel for receiving BotKube alerts - notiftype: short # Change notification type short/long you want to receive. - # notiftype is optional and default notification type is short (if not specified) + notification: + type: short # Change notification type short/long. + # Type is optional and default is short. # Settings for Microsoft Teams teams: @@ -49,16 +44,19 @@ communications: appID: 'APPLICATION_ID' appPassword: 'APPLICATION_PASSWORD' port: 3978 - notiftype: short # Change notification type short/long you want to receive. - # notiftype is optional and default notification type is short (if not specified) + notification: + type: short # Change notification type short/long. + # Type is optional and default is short. # Settings for Discord discord: enabled: false token: 'DISCORD_TOKEN' # BotKube Bot Token - botid: 'DISCORD_BOT_ID' # BotKube Application Client ID + botID: 'DISCORD_BOT_ID' # BotKube Application Client ID channel: 'DISCORD_CHANNEL_ID' # Discord Channel id for receiving BotKube alerts - notiftype: short # Change notification type short/long you want to receive. notiftype is optional and Default notification type is short (if not specified) + notification: + type: short # Change notification type short/long. + # Type is optional and default is short. # Settings for ELS elasticsearch: @@ -90,20 +88,3 @@ communications: ``` The default configuration for Helm chart can be found in [values.yaml](https://github.com/kubeshop/botkube/blob/main/helm/botkube/values.yaml). - -## Environment variables - -The individual communication settings can be specified via environment variables. They take priority and override the configuration specified in the file. - - -To construct the environment variable name, take any property from the [configuration file](#file-syntax) and make it uppercase. Use the underscore for properties that are nested. That's all - you have the environment variable name! - -For example, such configuration property from YAML: -```yaml -communications: - slack: - token: 'SLACK_API_TOKEN' -``` -is mapped to the `COMMUNICATIONS_SLACK_TOKEN` environment variable. - -This is a useful feature that allows you to store the overall configuration in a file, where sensitive data, such as tokens, can be put in environment variables. See the [**Tokens from Vault via CSI driver**](/configuration/communication/vault-csi/) tutorial for an example use-case. diff --git a/content/configuration/global.md b/content/configuration/global.md new file mode 100644 index 00000000..366c3d39 --- /dev/null +++ b/content/configuration/global.md @@ -0,0 +1,42 @@ +--- +title: "Global" +date: 2022-07-20T13:28:06+02:00 +draft: false +weight: 21 +--- + +The global settings contains: + +- Toggle `kubectl` command execution, +- Configure `kubectl` commands BotKube can execute, +- Restrict `kubectl` command execute to specific channel. + +## Syntax + +```yaml + +# Cluster Setting to manage command execution access +settings: + # Set cluster name to differentiate incoming messages + clusterName: not-configured + # Kubectl executor configs + kubectl: + # Set true to enable kubectl commands execution + enabled: false + # List of allowed commands + commands: + # kubectl method which are allowed with BotKube command + verbs: ["api-resources", "api-versions", "cluster-info", "describe", "diff", "explain", "get", "logs", "top", "auth"] + # resources on which kubectl methods are allowed with BotKube commands + resources: ["deployments", "pods" , "namespaces", "daemonsets", "statefulsets", "storageclasses", "nodes"] + # set Namespace to execute botkube kubectl commands by default + defaultNamespace: default + # Set true to enable commands execution from configured channel only + restrictAccess: false + # Set true to enable config watcher + configWatcher: true + # Set false to disable upgrade notification + upgradeNotifier: true +``` + +The default configuration for Helm chart can be found in [values.yaml](https://github.com/kubeshop/botkube/blob/main/helm/botkube/values.yaml). diff --git a/content/configuration/helm-chart-parameters.md b/content/configuration/helm-chart-parameters.md index 5754b1d9..e0707fb4 100644 --- a/content/configuration/helm-chart-parameters.md +++ b/content/configuration/helm-chart-parameters.md @@ -23,95 +23,95 @@ Controller for the BotKube Slack app which helps you monitor your Kubernetes clu | Key | Type | Default | Description | |-----|------|---------|-------------| -| [image.registry](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L14) | string | `"ghcr.io"` | BotKube container image registry. | -| [image.repository](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L16) | string | `"kubeshop/botkube"` | BotKube container image repository. | -| [image.pullPolicy](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L18) | string | `"IfNotPresent"` | BotKube container image pull policy. | -| [image.tag](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L20) | string | `"v9.99.9-dev"` | BotKube container image tag. Default tag is `appVersion` from Chart.yaml. | -| [podSecurityPolicy](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L24) | object | `{"enabled":false}` | Configures Pod Security Policy to allow BotKube to run in restricted clusters. [Ref doc](https://kubernetes.io/docs/concepts/policy/pod-security-policy/). | -| [securityContext](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L30) | object | Runs as a Non-Privileged user. | Configures security context to manage user Privileges in Pod. [Ref doc](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod). | -| [containerSecurityContext](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L36) | object | `{"allowPrivilegeEscalation":false,"privileged":false,"readOnlyRootFilesystem":true}` | Configures container security context. [Ref doc](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container). | -| [kubeconfig.enabled](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L44) | bool | `false` | If true, enables overriding the Kubernetes auth. | -| [kubeconfig.base64Config](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L46) | string | `""` | A base64 encoded kubeconfig that will be stored in a Secret, mounted to the Pod, and specified in the KUBECONFIG environment variable. | -| [kubeconfig.existingSecret](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L51) | string | `""` | A Secret containing a kubeconfig to use. | -| [log.level](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L56) | string | `"info"` | Sets one of the log levels. Allowed values: `info`, `warn`, `debug`, `error`, `fatal`, `panic`. | -| [log.disableColors](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L58) | bool | `false` | If true, disable ANSI colors in logging. | -| [config.resources](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L64) | list | Watch all built-in K8s kinds. | Describes the Kubernetes resources you want to watch. | -| [config.recommendations](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L268) | bool | `true` | If true, BotKube sends recommendations about the best practices for the created resource. | -| [config.ssl.enabled](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L273) | bool | `false` | If true, specify cert path in `config.ssl.cert` property or K8s Secret in `config.ssl.existingSecretName`. | -| [config.ssl.existingSecretName](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L279) | string | `""` | Using existing SSL Secret. It MUST be in `botkube` Namespace. | -| [config.ssl.cert](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L282) | string | `""` | SSL Certificate file e.g certs/my-cert.crt. | -| [config.settings.clustername](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L287) | string | `"not-configured"` | Cluster name to differentiate incoming messages. | -| [config.settings.kubectl.enabled](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L291) | bool | `false` | If true, enables `kubectl` commands execution. | -| [config.settings.kubectl.commands.verbs](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L295) | list | `["api-resources","api-versions","cluster-info","describe","diff","explain","get","logs","top","auth"]` | Configures which `kubectl` methods are allowed. | -| [config.settings.kubectl.commands.resources](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L297) | list | `["deployments","pods","namespaces","daemonsets","statefulsets","storageclasses","nodes","configmaps"]` | Configures which K8s resource are allowed. | -| [config.settings.kubectl.defaultNamespace](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L299) | string | `"default"` | Configures the default Namespace for executing BotKube `kubectl` commands. | -| [config.settings.kubectl.restrictAccess](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L301) | bool | `false` | If true, enables commands execution from configured channel only. | -| [config.settings.configwatcher](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L303) | bool | `true` | If true, restarts the BotKube Pod on config changes. | -| [config.settings.upgradeNotifier](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L305) | bool | `true` | If true, notifies about new BotKube releases. | -| [communications.existingSecretName](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L317) | string | `""` | Configures existing Secret with communication settings. It MUST be in the `botkube` Namespace. | -| [communications.slack.enabled](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L322) | bool | `false` | If true, enables Slack bot. | -| [communications.slack.channel](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L324) | string | `"SLACK_CHANNEL"` | Slack channel name without '#' prefix where you have added BotKube and want to receive notifications in. | -| [communications.slack.token](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L326) | string | `"SLACK_API_TOKEN"` | Slack token. | -| [communications.slack.notiftype](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L328) | string | `"short"` | Configures notification type that are sent. Possible values: `short`, `long`. | -| [communications.mattermost.enabled](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L333) | bool | `false` | If true, enables Mattermost bot. | -| [communications.mattermost.botName](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L335) | string | `"BotKube"` | User in Mattermost which belongs the specified Personal Access token. | -| [communications.mattermost.url](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L337) | string | `"MATTERMOST_SERVER_URL"` | The URL (including http/https schema) where Mattermost is running. e.g https://example.com:9243 | -| [communications.mattermost.token](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L339) | string | `"MATTERMOST_TOKEN"` | Personal Access token generated by BotKube user. | -| [communications.mattermost.team](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L341) | string | `"MATTERMOST_TEAM"` | The Mattermost Team name where BotKube is added. | -| [communications.mattermost.channel](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L344) | string | `"MATTERMOST_CHANNEL"` | The Mattermost channel name for receiving BotKube alerts. The BotKube user needs to be added to it. | -| [communications.mattermost.notiftype](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L346) | string | `"short"` | Configures notification type that are sent. Possible values: `short`, `long`. | -| [communications.teams.enabled](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L351) | bool | `false` | If true, enables MS Teams bot. | -| [communications.teams.appID](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L353) | string | `"APPLICATION_ID"` | The BotKube application ID generated while registering Bot to MS Teams. | -| [communications.teams.appPassword](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L355) | string | `"APPLICATION_PASSWORD"` | The BotKube application password generated while registering Bot to MS Teams. | -| [communications.teams.messagePath](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L357) | string | `"/bots/teams"` | The path in endpoint URL provided while registering BotKube to MS Teams. | -| [communications.teams.notiftype](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L359) | string | `"short"` | Configures notification type that are sent. Possible values: `short`, `long`. | -| [communications.teams.port](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L361) | int | `3978` | The Service port for bot endpoint on BotKube container. | -| [communications.discord.enabled](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L366) | bool | `false` | If true, enables Discord bot. | -| [communications.discord.token](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L368) | string | `"DISCORD_TOKEN"` | BotKube Bot Token. | -| [communications.discord.botid](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L370) | string | `"DISCORD_BOT_ID"` | BotKube Application Client ID. | -| [communications.discord.channel](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L373) | string | `"DISCORD_CHANNEL_ID"` | Discord channel ID for receiving BotKube alerts. The BotKube user needs to be added to it. | -| [communications.discord.notiftype](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L375) | string | `"short"` | Configures notification type that are sent. Possible values: `short`, `long`. | -| [communications.elasticsearch.enabled](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L380) | bool | `false` | If true, enables Elasticsearch. | -| [communications.elasticsearch.awsSigning.enabled](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L384) | bool | `false` | If true, enables awsSigning using IAM for Elasticsearch hosted on AWS. Make sure AWS environment variables are set. [Ref doc](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html). | -| [communications.elasticsearch.awsSigning.awsRegion](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L386) | string | `"us-east-1"` | AWS region where Elasticsearch is deployed. | -| [communications.elasticsearch.awsSigning.roleArn](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L388) | string | `""` | AWS IAM Role arn to assume for credentials, use this only if you don't want to use the EC2 instance role or not running on AWS instance. | -| [communications.elasticsearch.server](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L390) | string | `"ELASTICSEARCH_ADDRESS"` | The server URL, e.g https://example.com:9243 | -| [communications.elasticsearch.username](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L392) | string | `"ELASTICSEARCH_USERNAME"` | Basic Auth username. | -| [communications.elasticsearch.password](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L394) | string | `"ELASTICSEARCH_PASSWORD"` | Basic Auth password. | -| [communications.elasticsearch.skipTLSVerify](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L397) | bool | `false` | If true, skips the verification of TLS certificate of the Elastic nodes. It's useful for clusters with self-signed certificates. | -| [communications.elasticsearch.index](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L399) | object | `{"name":"botkube","replicas":0,"shards":1,"type":"botkube-event"}` | Configures Elasticsearch index settings. | -| [communications.webhook.enabled](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L408) | bool | `false` | If true, enables Webhook. | -| [communications.webhook.url](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L410) | string | `"WEBHOOK_URL"` | The Webhook URL, e.g.: https://example.com:80 | -| [service](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L413) | object | `{"name":"metrics","port":2112,"targetPort":2112}` | Configures Service settings for ServiceMonitor CR. | -| [ingress](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L420) | object | `{"annotations":{"kubernetes.io/ingress.class":"nginx"},"create":false,"host":"HOST","tls":{"enabled":false,"secretName":""}}` | Configures Ingress settings that exposes MS Teams endpoint. [Ref doc](https://kubernetes.io/docs/concepts/services-networking/ingress/#the-ingress-resource). | -| [serviceMonitor](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L431) | object | `{"enabled":false,"interval":"10s","labels":{},"path":"/metrics","port":"metrics"}` | Configures ServiceMonitor settings. [Ref doc](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor). | -| [deployment.annotations](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L441) | object | `{}` | Extra annotations to pass to the BotKube Deployment. | -| [extraAnnotations](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L448) | object | `{}` | Extra annotations to pass to the BotKube Pod. | -| [priorityClassName](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L450) | string | `""` | Priority class name for the BotKube Pod. | -| [nameOverride](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L453) | string | `""` | Fully override "botkube.name" template. | -| [fullnameOverride](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L455) | string | `""` | Fully override "botkube.fullname" template. | -| [resources](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L461) | object | `{}` | The BotKube Pod resource request and limits. We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. [Ref docs](https://kubernetes.io/docs/user-guide/compute-resources/) | -| [extraEnv](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L473) | list | `[]` | Extra environment variables to pass to the BotKube container. [Ref docs](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#environment-variables). | -| [extraVolumes](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L485) | list | `[]` | Extra volumes to pass to the BotKube container. Mount it later with extraVolumeMounts. [Ref docs](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/volume/#Volume). | -| [extraVolumeMounts](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L500) | list | `[]` | Extra volume mounts to pass to the BotKube container. [Ref docs](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#volumes-1). | -| [nodeSelector](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L518) | object | `{}` | Node labels for BotKube Pod assignment. [Ref doc](https://kubernetes.io/docs/user-guide/node-selection/). | -| [tolerations](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L522) | list | `[]` | Tolerations for BotKube Pod assignment. [Ref doc](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/). | -| [affinity](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L526) | object | `{}` | Affinity for BotKube Pod assignment. [Ref doc](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). | -| [rbac](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L530) | object | `{"create":true,"rules":[{"apiGroups":["*"],"resources":["*"],"verbs":["get","watch","list"]}]}` | Role Based Access for BotKube Pod. [Ref doc](https://kubernetes.io/docs/admin/authorization/rbac/). | -| [serviceAccount.create](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L539) | bool | `true` | If true, a ServiceAccount is automatically created. | -| [serviceAccount.name](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L542) | string | `""` | The name of the service account to use. If not set, a name is generated using the fullname template. | -| [serviceAccount.annotations](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L544) | object | `{}` | Extra annotations for the ServiceAccount. | -| [extraObjects](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L547) | list | `[]` | Extra Kubernetes resources to create. Helm templating is allowed as it is evaluated before creating the resources. | -| [analytics.disable](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L575) | bool | `false` | If true, sending anonymous analytics is disabled. To learn what date we collect, see [Privacy Policy](https://botkube.io/privacy#privacy-policy). | -| [e2eTest.image.registry](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L581) | string | `"ghcr.io"` | Test runner image registry. | -| [e2eTest.image.repository](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L583) | string | `"kubeshop/botkube-test"` | Test runner image repository. | -| [e2eTest.image.pullPolicy](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L585) | string | `"IfNotPresent"` | Test runner image pull policy. | -| [e2eTest.image.tag](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L587) | string | `"v9.99.9-dev"` | Test runner image tag. Default tag is `appVersion` from Chart.yaml. | -| [e2eTest.deployment](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L589) | object | `{"waitTimeout":"3m"}` | Configures BotKube Deployment related data. | -| [e2eTest.slack.botName](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L594) | string | `"botkube"` | Name of the BotKube bot to interact with during the e2e tests. | -| [e2eTest.slack.testerAppToken](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L596) | string | `""` | Slack tester application token that interacts with BotKube bot. | -| [e2eTest.slack.additionalContextMessage](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L598) | string | `""` | Additional message that is sent by Tester. You can pass e.g. pull request number or source link where these tests are run from. | -| [e2eTest.slack.messageWaitTimeout](https://github.com/kubeshop/botkube/blob/04c5ef49f3af99087f6c18f1c7853d29485c9568/helm/botkube/values.yaml#L600) | string | `"1m"` | Message wait timeout. It defines how long we wait to ensure that notification were not sent when disabled. | +| [image.registry](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L14) | string | `"ghcr.io"` | BotKube container image registry. | +| [image.repository](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L16) | string | `"kubeshop/botkube"` | BotKube container image repository. | +| [image.pullPolicy](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L18) | string | `"IfNotPresent"` | BotKube container image pull policy. | +| [image.tag](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L20) | string | `"v9.99.9-dev"` | BotKube container image tag. Default tag is `appVersion` from Chart.yaml. | +| [podSecurityPolicy](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L24) | object | `{"enabled":false}` | Configures Pod Security Policy to allow BotKube to run in restricted clusters. [Ref doc](https://kubernetes.io/docs/concepts/policy/pod-security-policy/). | +| [securityContext](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L30) | object | Runs as a Non-Privileged user. | Configures security context to manage user Privileges in Pod. [Ref doc](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod). | +| [containerSecurityContext](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L36) | object | `{"allowPrivilegeEscalation":false,"privileged":false,"readOnlyRootFilesystem":true}` | Configures container security context. [Ref doc](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container). | +| [kubeconfig.enabled](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L44) | bool | `false` | If true, enables overriding the Kubernetes auth. | +| [kubeconfig.base64Config](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L46) | string | `""` | A base64 encoded kubeconfig that will be stored in a Secret, mounted to the Pod, and specified in the KUBECONFIG environment variable. | +| [kubeconfig.existingSecret](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L51) | string | `""` | A Secret containing a kubeconfig to use. | +| [config.resources](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L57) | list | Watch all built-in K8s kinds. | Describes the Kubernetes resources you want to watch. | +| [config.recommendations](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L261) | bool | `true` | If true, BotKube sends recommendations about the best practices for the created resource. | +| [config.ssl.enabled](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L266) | bool | `false` | If true, specify cert path in `config.ssl.cert` property or K8s Secret in `config.ssl.existingSecretName`. | +| [config.ssl.existingSecretName](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L272) | string | `""` | Using existing SSL Secret. It MUST be in `botkube` Namespace. | +| [config.ssl.cert](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L275) | string | `""` | SSL Certificate file e.g certs/my-cert.crt. | +| [config.settings.clusterName](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L280) | string | `"not-configured"` | Cluster name to differentiate incoming messages. | +| [config.settings.kubectl.enabled](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L284) | bool | `false` | If true, enables `kubectl` commands execution. | +| [config.settings.kubectl.commands.verbs](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L288) | list | `["api-resources","api-versions","cluster-info","describe","diff","explain","get","logs","top","auth"]` | Configures which `kubectl` methods are allowed. | +| [config.settings.kubectl.commands.resources](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L290) | list | `["deployments","pods","namespaces","daemonsets","statefulsets","storageclasses","nodes","configmaps"]` | Configures which K8s resource are allowed. | +| [config.settings.kubectl.defaultNamespace](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L292) | string | `"default"` | Configures the default Namespace for executing BotKube `kubectl` commands. | +| [config.settings.kubectl.restrictAccess](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L294) | bool | `false` | If true, enables commands execution from configured channel only. | +| [config.settings.configWatcher](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L296) | bool | `true` | If true, restarts the BotKube Pod on config changes. | +| [config.settings.upgradeNotifier](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L298) | bool | `true` | If true, notifies about new BotKube releases. | +| [config.settings.log.level](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L302) | string | `"info"` | Sets one of the log levels. Allowed values: `info`, `warn`, `debug`, `error`, `fatal`, `panic`. | +| [config.settings.log.disableColors](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L304) | bool | `false` | If true, disable ANSI colors in logging. | +| [communications.existingSecretName](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L316) | string | `""` | Configures existing Secret with communication settings. It MUST be in the `botkube` Namespace. | +| [communications.slack.enabled](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L321) | bool | `false` | If true, enables Slack bot. | +| [communications.slack.channel](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L323) | string | `"SLACK_CHANNEL"` | Slack channel name without '#' prefix where you have added BotKube and want to receive notifications in. | +| [communications.slack.token](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L325) | string | `"SLACK_API_TOKEN"` | Slack token. | +| [communications.slack.notification.type](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L328) | string | `"short"` | Configures notification type that are sent. Possible values: `short`, `long`. | +| [communications.mattermost.enabled](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L333) | bool | `false` | If true, enables Mattermost bot. | +| [communications.mattermost.botName](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L335) | string | `"BotKube"` | User in Mattermost which belongs the specified Personal Access token. | +| [communications.mattermost.url](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L337) | string | `"MATTERMOST_SERVER_URL"` | The URL (including http/https schema) where Mattermost is running. e.g https://example.com:9243 | +| [communications.mattermost.token](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L339) | string | `"MATTERMOST_TOKEN"` | Personal Access token generated by BotKube user. | +| [communications.mattermost.team](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L341) | string | `"MATTERMOST_TEAM"` | The Mattermost Team name where BotKube is added. | +| [communications.mattermost.channel](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L344) | string | `"MATTERMOST_CHANNEL"` | The Mattermost channel name for receiving BotKube alerts. The BotKube user needs to be added to it. | +| [communications.mattermost.notification.type](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L347) | string | `"short"` | Configures notification type that are sent. Possible values: `short`, `long`. | +| [communications.teams.enabled](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L352) | bool | `false` | If true, enables MS Teams bot. | +| [communications.teams.appID](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L354) | string | `"APPLICATION_ID"` | The BotKube application ID generated while registering Bot to MS Teams. | +| [communications.teams.appPassword](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L356) | string | `"APPLICATION_PASSWORD"` | The BotKube application password generated while registering Bot to MS Teams. | +| [communications.teams.messagePath](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L358) | string | `"/bots/teams"` | The path in endpoint URL provided while registering BotKube to MS Teams. | +| [communications.teams.notification.type](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L361) | string | `"short"` | Configures notification type that are sent. Possible values: `short`, `long`. | +| [communications.teams.port](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L363) | int | `3978` | The Service port for bot endpoint on BotKube container. | +| [communications.discord.enabled](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L368) | bool | `false` | If true, enables Discord bot. | +| [communications.discord.token](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L370) | string | `"DISCORD_TOKEN"` | BotKube Bot Token. | +| [communications.discord.botID](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L372) | string | `"DISCORD_BOT_ID"` | BotKube Application Client ID. | +| [communications.discord.channel](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L375) | string | `"DISCORD_CHANNEL_ID"` | Discord channel ID for receiving BotKube alerts. The BotKube user needs to be added to it. | +| [communications.discord.notification.type](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L378) | string | `"short"` | Configures notification type that are sent. Possible values: `short`, `long`. | +| [communications.elasticsearch.enabled](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L383) | bool | `false` | If true, enables Elasticsearch. | +| [communications.elasticsearch.awsSigning.enabled](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L387) | bool | `false` | If true, enables awsSigning using IAM for Elasticsearch hosted on AWS. Make sure AWS environment variables are set. [Ref doc](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html). | +| [communications.elasticsearch.awsSigning.awsRegion](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L389) | string | `"us-east-1"` | AWS region where Elasticsearch is deployed. | +| [communications.elasticsearch.awsSigning.roleArn](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L391) | string | `""` | AWS IAM Role arn to assume for credentials, use this only if you don't want to use the EC2 instance role or not running on AWS instance. | +| [communications.elasticsearch.server](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L393) | string | `"ELASTICSEARCH_ADDRESS"` | The server URL, e.g https://example.com:9243 | +| [communications.elasticsearch.username](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L395) | string | `"ELASTICSEARCH_USERNAME"` | Basic Auth username. | +| [communications.elasticsearch.password](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L397) | string | `"ELASTICSEARCH_PASSWORD"` | Basic Auth password. | +| [communications.elasticsearch.skipTLSVerify](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L400) | bool | `false` | If true, skips the verification of TLS certificate of the Elastic nodes. It's useful for clusters with self-signed certificates. | +| [communications.elasticsearch.index](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L402) | object | `{"name":"botkube","replicas":0,"shards":1,"type":"botkube-event"}` | Configures Elasticsearch index settings. | +| [communications.webhook.enabled](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L411) | bool | `false` | If true, enables Webhook. | +| [communications.webhook.url](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L413) | string | `"WEBHOOK_URL"` | The Webhook URL, e.g.: https://example.com:80 | +| [service](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L416) | object | `{"name":"metrics","port":2112,"targetPort":2112}` | Configures Service settings for ServiceMonitor CR. | +| [ingress](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L423) | object | `{"annotations":{"kubernetes.io/ingress.class":"nginx"},"create":false,"host":"HOST","tls":{"enabled":false,"secretName":""}}` | Configures Ingress settings that exposes MS Teams endpoint. [Ref doc](https://kubernetes.io/docs/concepts/services-networking/ingress/#the-ingress-resource). | +| [serviceMonitor](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L434) | object | `{"enabled":false,"interval":"10s","labels":{},"path":"/metrics","port":"metrics"}` | Configures ServiceMonitor settings. [Ref doc](https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#servicemonitor). | +| [deployment.annotations](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L444) | object | `{}` | Extra annotations to pass to the BotKube Deployment. | +| [extraAnnotations](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L451) | object | `{}` | Extra annotations to pass to the BotKube Pod. | +| [priorityClassName](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L453) | string | `""` | Priority class name for the BotKube Pod. | +| [nameOverride](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L456) | string | `""` | Fully override "botkube.name" template. | +| [fullnameOverride](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L458) | string | `""` | Fully override "botkube.fullname" template. | +| [resources](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L464) | object | `{}` | The BotKube Pod resource request and limits. We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. [Ref docs](https://kubernetes.io/docs/user-guide/compute-resources/) | +| [extraEnv](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L476) | list | `[]` | Extra environment variables to pass to the BotKube container. [Ref docs](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#environment-variables). | +| [extraVolumes](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L488) | list | `[]` | Extra volumes to pass to the BotKube container. Mount it later with extraVolumeMounts. [Ref docs](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/volume/#Volume). | +| [extraVolumeMounts](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L503) | list | `[]` | Extra volume mounts to pass to the BotKube container. [Ref docs](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#volumes-1). | +| [nodeSelector](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L521) | object | `{}` | Node labels for BotKube Pod assignment. [Ref doc](https://kubernetes.io/docs/user-guide/node-selection/). | +| [tolerations](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L525) | list | `[]` | Tolerations for BotKube Pod assignment. [Ref doc](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/). | +| [affinity](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L529) | object | `{}` | Affinity for BotKube Pod assignment. [Ref doc](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). | +| [rbac](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L533) | object | `{"create":true,"rules":[{"apiGroups":["*"],"resources":["*"],"verbs":["get","watch","list"]}]}` | Role Based Access for BotKube Pod. [Ref doc](https://kubernetes.io/docs/admin/authorization/rbac/). | +| [serviceAccount.create](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L542) | bool | `true` | If true, a ServiceAccount is automatically created. | +| [serviceAccount.name](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L545) | string | `""` | The name of the service account to use. If not set, a name is generated using the fullname template. | +| [serviceAccount.annotations](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L547) | object | `{}` | Extra annotations for the ServiceAccount. | +| [extraObjects](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L550) | list | `[]` | Extra Kubernetes resources to create. Helm templating is allowed as it is evaluated before creating the resources. | +| [analytics.disable](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L578) | bool | `false` | If true, sending anonymous analytics is disabled. To learn what date we collect, see [Privacy Policy](https://botkube.io/privacy#privacy-policy). | +| [e2eTest.image.registry](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L584) | string | `"ghcr.io"` | Test runner image registry. | +| [e2eTest.image.repository](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L586) | string | `"kubeshop/botkube-test"` | Test runner image repository. | +| [e2eTest.image.pullPolicy](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L588) | string | `"IfNotPresent"` | Test runner image pull policy. | +| [e2eTest.image.tag](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L590) | string | `"v9.99.9-dev"` | Test runner image tag. Default tag is `appVersion` from Chart.yaml. | +| [e2eTest.deployment](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L592) | object | `{"waitTimeout":"3m"}` | Configures BotKube Deployment related data. | +| [e2eTest.slack.botName](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L597) | string | `"botkube"` | Name of the BotKube bot to interact with during the e2e tests. | +| [e2eTest.slack.testerAppToken](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L599) | string | `""` | Slack tester application token that interacts with BotKube bot. | +| [e2eTest.slack.additionalContextMessage](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L601) | string | `""` | Additional message that is sent by Tester. You can pass e.g. pull request number or source link where these tests are run from. | +| [e2eTest.slack.messageWaitTimeout](https://github.com/kubeshop/botkube/blob/e7a4af6e7b74654e986fd6c964a86b46fc0dceb6/helm/botkube/values.yaml#L603) | string | `"1m"` | Message wait timeout. It defines how long we wait to ensure that notification were not sent when disabled. | ### AWS IRSA on EKS support diff --git a/content/configuration/resource.md b/content/configuration/resource.md index b9baa55b..219bd9c7 100644 --- a/content/configuration/resource.md +++ b/content/configuration/resource.md @@ -2,14 +2,10 @@ title: "Resource" date: 2019-01-08T17:58:08+05:30 draft: false -weight: 20 +weight: 22 --- -BotKube backend reads resource configurations from the [resource_config.yaml](#file-syntax) file placed in the directory specified by the **CONFIG_PATH** environment variable. - -## File syntax - -The resource configuration file contains: +The resource settings contains: - Resource list you want to watch, - Namespaces you want to filter, @@ -17,11 +13,7 @@ The resource configuration file contains: - Settings to monitor updates for the specific resource fields, - Way to skip filter runs. -It also contains global settings to: - -- Toggle kubectl command execution, -- Configure kubectl commands BotKube can execute, -- Restrict kubectl command execute to specific channel. +## Syntax ```yaml ## Resources you want to watch @@ -77,29 +69,6 @@ resources: # Check true if you want to receive recommendations # about the best practices for the created resource recommendations: true - -# Cluster Setting to manage command execution access -settings: - # Set cluster name to differentiate incoming messages - clustername: not-configured - # Kubectl executor configs - kubectl: - # Set true to enable kubectl commands execution - enabled: false - # List of allowed commands - commands: - # kubectl method which are allowed with BotKube command - verbs: ["api-resources", "api-versions", "cluster-info", "describe", "diff", "explain", "get", "logs", "top", "auth"] - # resources on which kubectl methods are allowed with BotKube commands - resources: ["deployments", "pods" , "namespaces", "daemonsets", "statefulsets", "storageclasses", "nodes"] - # set Namespace to execute botkube kubectl commands by default - defaultNamespace: default - # Set true to enable commands execution from configured channel only - restrictAccess: false - # Set true to enable config watcher - configwatcher: true - # Set false to disable upgrade notification - upgradeNotifier: true ``` The default configuration for Helm chart can be found in [values.yaml](https://github.com/kubeshop/botkube/blob/main/helm/botkube/values.yaml). diff --git a/content/contribute/_index.md b/content/contribute/_index.md index 33b0c3f6..3da9a9c8 100644 --- a/content/contribute/_index.md +++ b/content/contribute/_index.md @@ -50,7 +50,7 @@ Now you can build and run BotKube by one of the following ways --set communications.slack.enabled=true \ --set communications.slack.channel= \ --set communications.slack.token= \ - --set settings.clustername= \ + --set settings.clusterName= \ --set settings.kubectl.enabled= \ --set image.repository=/botkube \ --set image.tag=v9.99.9-dev \ @@ -76,15 +76,16 @@ For faster development, you can also build and run BotKube outside K8s cluster. ```sh cp resource_config.yaml.tpl resource_config.yaml cp comm_config.yaml.tpl comm_config.yaml - ``` + ``` Edit the newly created `resource_config.yaml` and `comm_config.yaml` files to configure resource and set communication credentials. -3. Export the path to directory of `config.yaml` +3. Export paths for configuration files: + ```sh - # From project root directory - export CONFIG_PATH=$(pwd) + export BOTKUBE_CONFIG_PATHS="$(pwd)/resource_config.yaml,$(pwd)/comm_config.yaml" ``` + 4. Export the path to Kubeconfig: ```sh diff --git a/content/examples/_index.md b/content/examples/_index.md index 475d52d5..e71538cb 100644 --- a/content/examples/_index.md +++ b/content/examples/_index.md @@ -15,33 +15,33 @@ The default notification type is **short** #### Resource created -![](/images/create_sh.png "Slack notiftype=short") -![](/images/create.png "Slack notiftype=long") +![](/images/create_sh.png "Slack notification.type=short") +![](/images/create.png "Slack notification.type=long") #### Resource deleted -![](/images/mm_delete_sh.png "Mattermost notiftype=short") -![](/images/delete.png "Slack notiftype=long") +![](/images/mm_delete_sh.png "Mattermost notification.type=short") +![](/images/delete.png "Slack notification.type=long") #### Failed to pull image -![](/images/image_failed_sh.png "Slack notiftype=short") -![](/images/mm_image_failed_sh.png "Mattermost notiftype=short") -![](/images/image-failed.png "Slack notiftype=long") +![](/images/image_failed_sh.png "Slack notification.type=short") +![](/images/mm_image_failed_sh.png "Mattermost notification.type=short") +![](/images/image-failed.png "Slack notification.type=long") #### Error in pod -![](/images/error_sh.png "Slack notiftype=short") +![](/images/error_sh.png "Slack notification.type=short") #### Readiness probe failed for the pod -![](/images/readiness_sh.png "Slack notiftype=short") -![](/images/mm_readiness_sh.png "Mattermost notiftype=short") +![](/images/readiness_sh.png "Slack notification.type=short") +![](/images/mm_readiness_sh.png "Mattermost notification.type=short") #### Job succeeded -![](/images/job_success_sh.png "Slack notiftype=short") -![](/images/job_success.png "Slack notiftype=long") +![](/images/job_success_sh.png "Slack notification.type=short") +![](/images/job_success.png "Slack notification.type=long") #### Monitor Velero backups diff --git a/content/installation/Discord/_index.md b/content/installation/Discord/_index.md index eddc028e..57db8882 100644 --- a/content/installation/Discord/_index.md +++ b/content/installation/Discord/_index.md @@ -97,9 +97,9 @@ Follow the first 4 mins of this [Video Tutorial](https://youtu.be/8o25pRbXdFw) t $ helm install --version v0.12.4 botkube --namespace botkube --create-namespace \ --set communications.discord.enabled=true \ --set communications.discord.channel= \ - --set communications.discord.botid= \ + --set communications.discord.botID= \ --set communications.discord.token= \ - --set config.settings.clustername= \ + --set config.settings.clusterName= \ --set config.settings.kubectl.enabled= \ --set image.tag=v0.12.4 \ botkube/botkube diff --git a/content/installation/ElasticSearch/_index.md b/content/installation/ElasticSearch/_index.md index ac57a440..0b12cbe9 100644 --- a/content/installation/ElasticSearch/_index.md +++ b/content/installation/ElasticSearch/_index.md @@ -29,7 +29,7 @@ toc = true --set communications.elasticsearch.index.type= \ --set communications.elasticsearch.index.shards= \ --set communications.elasticsearch.index.replicas= \ - --set config.settings.clustername= \ + --set config.settings.clusterName= \ --set image.tag=v0.12.4 \ botkube/botkube ``` diff --git a/content/installation/Mattermost/_index.md b/content/installation/Mattermost/_index.md index 0a8e819f..56d33b89 100644 --- a/content/installation/Mattermost/_index.md +++ b/content/installation/Mattermost/_index.md @@ -82,7 +82,7 @@ Add BotKube user created to the channel you want to receive notifications in. --set communications.mattermost.team= \ --set communications.mattermost.channel= \ --set communications.mattermost.botName= \ - --set config.settings.clustername= \ + --set config.settings.clusterName= \ --set config.settings.kubectl.enabled= \ --set image.tag=v0.12.4 \ botkube/botkube diff --git a/content/installation/Slack/_index.md b/content/installation/Slack/_index.md index 412fb450..5f322c24 100644 --- a/content/installation/Slack/_index.md +++ b/content/installation/Slack/_index.md @@ -43,7 +43,7 @@ After installing BotKube app to your Slack workspace, you could see a new bot us --set communications.slack.enabled=true \ --set communications.slack.channel= \ --set communications.slack.token= \ - --set config.settings.clustername= \ + --set config.settings.clusterName= \ --set config.settings.kubectl.enabled= \ --set image.tag=v0.12.4 \ botkube/botkube diff --git a/content/installation/Teams/_index.md b/content/installation/Teams/_index.md index d7854dab..2443b157 100644 --- a/content/installation/Teams/_index.md +++ b/content/installation/Teams/_index.md @@ -119,7 +119,7 @@ We will use this TLS secret while deploying the BotKube backend. --set communications.teams.enabled=true \ --set communications.teams.appID= \ --set communications.teams.appPassword= \ - --set config.settings.clustername= \ + --set config.settings.clusterName= \ --set config.settings.kubectl.enabled= \ --set ingress.create=true \ --set ingress.host= \ diff --git a/content/installation/Webhook/_index.md b/content/installation/Webhook/_index.md index a69cca52..25c8e24d 100644 --- a/content/installation/Webhook/_index.md +++ b/content/installation/Webhook/_index.md @@ -25,7 +25,7 @@ BotKube can be integrated with external apps via Webhooks. A webhook is essentia $ helm install --version v0.12.4 botkube --namespace botkube --create-namespace \ --set communications.webhook.enabled=true \ --set communications.webhook.url= \ - --set config.settings.clustername= \ + --set config.settings.clusterName= \ --set image.tag=v0.12.4 \ botkube/botkube ``` diff --git a/content/usage/_index.md b/content/usage/_index.md index d0a0f4d3..7a6b3ff2 100644 --- a/content/usage/_index.md +++ b/content/usage/_index.md @@ -46,8 +46,8 @@ To get the list of all clusters configured in botkube, you can use the ping comm ![ping](/images/ping.png) For cluster-specific response, -use `--cluster-name` flag to specify the cluster's name on which command needs to be executed. -Use of this flag allows you to get response from any channel or group where BotKube is added. +use `--cluster-name` flag to specify the cluster's name on which command needs to be executed. +Use of this flag allows you to get response from any channel or group where BotKube is added. The flag is ignored in notifier commands as they can be executed from the configured channel only. ![flag_clustername_ping](/images/flag_clustername_ping.png) @@ -77,7 +77,7 @@ If you wish to change the configuration, you can update config section in **helm ```bash $ helm upgrade botkube \ ---set config.settings.clustername= \ +--set config.settings.clusterName= \ --set config.settings.allowkubectl= \ helm/botkube ``` @@ -86,7 +86,7 @@ OR You can also modify the controller configuration at runtime. You have to edit the configmap which will also restart the BotKube pod to update mounted configuration in the pod. ```bash -$ kubectl edit configmap botkube-configmap -n botkube +kubectl edit configmap botkube-global-config -n botkube ``` This command will open configmap specs in vim editor. Do the required changes, save and exit. The BotKube pod will automatically restart to have these configuration in effect.