uctl demo status

Gets the status of the demo environment.

Synopsis

Retrieves the status of the demo environment. Currently, Flyte demo runs as a local Docker container.

Usage:

$ uctl demo status

Options

Option Type Description
-h, --help help for status

Options inherited from parent commands

Option Type Description
--admin.audience string Audience to use when initiating OAuth2 authorization requests.
--admin.authType string Type of OAuth2 flow used for communicating with admin.ClientSecret, Pkce, ExternalCommand are valid values (default “ClientSecret”)
--admin.authorizationHeader string Custom metadata header to pass JWT
--admin.authorizationServerUrl string This is the URL to your IdP’s authorization server. It’ll default to Endpoint
--admin.caCertFilePath string Use specified certificate file to verify the admin server peer.
--admin.clientId string Client ID (default “flytepropeller”)
--admin.clientSecretEnvVar string Environment variable containing the client secret
--admin.clientSecretLocation string File containing the client secret (default “/etc/secrets/client_secret”)
--admin.command strings Command for external authentication token generation
--admin.defaultOrg string OPTIONAL: Default org to use to support non-org based cli’s.'.
--admin.defaultServiceConfig string
--admin.deviceFlowConfig.pollInterval string amount of time the device flow would poll the token endpoint if auth server doesn’t return a polling interval. Okta and google IDP do return an interval’ (default “5s”)
--admin.deviceFlowConfig.refreshTime string grace period from the token expiry after which it would refresh the token. (default “5m0s”)
--admin.deviceFlowConfig.timeout string amount of time the device flow should complete or else it will be cancelled. (default “10m0s”)
--admin.endpoint string For admin types, specify where the uri of the service is located.
--admin.httpProxyURL string OPTIONAL: HTTP Proxy to be used for OAuth requests.
--admin.insecure Use insecure connection.
--admin.insecureSkipVerify InsecureSkipVerify controls whether a client verifies the server’s certificate chain and host name.Caution: shouldn’t be use for production usecases'
--admin.maxBackoffDelay string Max delay for grpc backoff (default “8s”)
--admin.maxMessageSizeBytes int The max size in bytes for incoming gRPC messages
--admin.maxRetries int Max number of gRPC retries (default 4)
--admin.perRetryTimeout string gRPC per retry timeout (default “15s”)
--admin.pkceConfig.refreshTime string grace period from the token expiry after which it would refresh the token. (default “5m0s”)
--admin.pkceConfig.timeout string Amount of time the browser session would be active for authentication from client app. (default “2m0s”)
--admin.proxyCommand strings Command for external proxy-authorization token generation
--admin.scopes strings List of scopes to request
--admin.tokenRefreshWindow string Max duration between token refresh attempt and token expiry. (default “0s”)
--admin.tokenUrl string OPTIONAL: Your IdP’s token endpoint. It’ll be discovered from flyte admin’s OAuth Metadata endpoint if not provided.
--admin.useAudienceFromAdmin Use Audience configured from admins public endpoint config.
--admin.useAuth Deprecated: Auth will be enabled/disabled based on admin’s dynamically discovered information.
--auth.appAuth.externalAuthServer.allowedAudience strings Optional: A list of allowed audiences. If not provided, the audience is expected to be the public Uri of the service.
--auth.appAuth.externalAuthServer.baseUrl string This should be the base url of the authorization server that you are trying to hit. With Okta for instance, it will look something like https://company.okta.com/oauth2/abcdef123456789/
--auth.appAuth.externalAuthServer.httpProxyURL string OPTIONAL: HTTP Proxy to be used for OAuth requests.
--auth.appAuth.externalAuthServer.metadataUrl string Optional: If the server doesn’t support /.well-known/oauth-authorization-server, you can set a custom metadata url here.'
--auth.appAuth.externalAuthServer.retryAttempts int Optional: The number of attempted retries on a transient failure to get the OAuth metadata (default 5)
--auth.appAuth.externalAuthServer.retryDelay string Optional, Duration to wait between retries (default “1s”)
--auth.appAuth.selfAuthServer.accessTokenLifespan string Defines the lifespan of issued access tokens. (default “30m0s”)
--auth.appAuth.selfAuthServer.authorizationCodeLifespan string Defines the lifespan of issued access tokens. (default “5m0s”)
--auth.appAuth.selfAuthServer.claimSymmetricEncryptionKeySecretName string OPTIONAL: Secret name to use to encrypt claims in authcode token. (default “claim_symmetric_key”)
--auth.appAuth.selfAuthServer.issuer string Defines the issuer to use when issuing and validating tokens. The default value is https://{requestUri.HostAndPort}/
--auth.appAuth.selfAuthServer.oldTokenSigningRSAKeySecretName string OPTIONAL: Secret name to use to retrieve Old RSA Signing Key. This can be useful during key rotation to continue to accept older tokens. (default “token_rsa_key_old.pem”)
--auth.appAuth.selfAuthServer.refreshTokenLifespan string Defines the lifespan of issued access tokens. (default “1h0m0s”)
--auth.appAuth.selfAuthServer.tokenSigningRSAKeySecretName string OPTIONAL: Secret name to use to retrieve RSA Signing Key. (default “token_rsa_key.pem”)
--auth.appAuth.thirdPartyConfig.flyteClient.audience string Audience to use when initiating OAuth2 authorization requests.
--auth.appAuth.thirdPartyConfig.flyteClient.clientId string public identifier for the app which handles authorization for a Flyte deployment (default “uctl”)
--auth.appAuth.thirdPartyConfig.flyteClient.redirectUri string This is the callback uri registered with the app which handles authorization for a Flyte deployment (default “http://localhost:53593/callback”)
--auth.appAuth.thirdPartyConfig.flyteClient.scopes strings Recommended scopes for the client to request. (default [all,offline])
--auth.disableForGrpc Disables auth enforcement on Grpc Endpoints.
--auth.disableForHttp Disables auth enforcement on HTTP Endpoints.
--auth.grpcAuthorizationHeader string (default “flyte-authorization”)
--auth.httpAuthorizationHeader string (default “flyte-authorization”)
--auth.httpProxyURL string OPTIONAL: HTTP Proxy to be used for OAuth requests.
--auth.tokenEndpointProxyPath string The path used to proxy calls to the TokenURL
--auth.userAuth.cookieBlockKeySecretName string OPTIONAL: Secret name to use for cookie block key. (default “cookie_block_key”)
--auth.userAuth.cookieHashKeySecretName string OPTIONAL: Secret name to use for cookie hash key. (default “cookie_hash_key”)
--auth.userAuth.cookieSetting.domain string OPTIONAL: Allows you to set the domain attribute on the auth cookies.
--auth.userAuth.cookieSetting.sameSitePolicy string OPTIONAL: Allows you to declare if your cookie should be restricted to a first-party or same-site context.Wrapper around http.SameSite. (default “DefaultMode”)
--auth.userAuth.httpProxyURL string OPTIONAL: HTTP Proxy to be used for OAuth requests.
--auth.userAuth.idpQueryParameter string idp query parameter used for selecting a particular IDP for doing user authentication. Eg: for Okta passing idp={IDP-ID} forces the authentication to happen with IDP-ID
--auth.userAuth.openId.baseUrl string
--auth.userAuth.openId.clientId string
--auth.userAuth.openId.clientSecretFile string
--auth.userAuth.openId.clientSecretName string (default “oidc_client_secret”)
--auth.userAuth.openId.scopes strings (default [openid,profile])
--auth.userAuth.redirectUrl string (default “/console”)
--authorizer.internalCommunicationConfig.enabled Enables authorization decisions for internal communication. (default true)
--authorizer.internalCommunicationConfig.ingressIdentity string IngressIdentity used in the cluster. Needed to exclude the communication coming from ingress. (default “ingress-nginx.ingress-nginx.serviceaccount.identity.linkerd.cluster.local”)
--authorizer.internalCommunicationConfig.tenantUrlPatternIdentity string UrlPatternIdentity of the internal tenant service endpoint identities. (default “{{ service }}.{{ org }}.serviceaccount.identity.linkerd.cluster.local”)
--authorizer.internalCommunicationConfig.urlPatternIdentity string UrlPatternIdentity of the internal service endpoint identities. (default “{{ service }}-helmchart.{{ service }}.serviceaccount.identity.linkerd.cluster.local”)
--authorizer.mode string (default “Active”)
--authorizer.organizationConfig.PolicyConfig.adminPolicyDescription string description for the boilerplate admin policy (default “Contributor permissions and full admin permissions to manage users and view usage dashboards”)
--authorizer.organizationConfig.PolicyConfig.contributorPolicyDescription string description for the boilerplate contributor policy (default “Viewer permissions and permissions to create workflows, tasks, launch plans, and executions”)
--authorizer.organizationConfig.PolicyConfig.defaultUserPolicyRoleType string name of the role type to determine which default policy new users added to the organization should be assigned (default “Viewer”)
--authorizer.organizationConfig.PolicyConfig.serverlessContributorPolicyDescription string description for the boilerplate serverless contributor policy (default “Viewer permissions and permissions to create workflows, tasks, launch plans, and executions”)
--authorizer.organizationConfig.PolicyConfig.serverlessViewerPolicyDescription string description for the boilerplate serverless viewer policy (default “Permissions to view Flyte entities”)
--authorizer.organizationConfig.PolicyConfig.viewerPolicyDescription string description for the boilerplate viewer policy (default “Permissions to view Flyte entities”)
--authorizer.organizationConfig.defaultPolicyCacheDuration string Cache entry duration for the store of the default policy per organization (default “10m0s”)
--authorizer.syncRuleRefreshInterval string (default “1m0s”)
--authorizer.type string (default “UserClouds”)
--authorizer.userCloudsClient.cache.redis.ttl.edgeTypes string Specifies how long edge types remain in the cache.. (default “30m0s”)
--authorizer.userCloudsClient.cache.redis.ttl.edges string Specifies how long edges remain in the cache. (default “30m0s”)
--authorizer.userCloudsClient.cache.redis.ttl.objectTypes string Specifies how long object types remain in the cache. (default “30m0s”)
--authorizer.userCloudsClient.cache.redis.ttl.objects string Specifies how long objects remain in the cache. (default “30m0s”)
--authorizer.userCloudsClient.cache.type string Cache type to use. (default “none”)
--authorizer.userCloudsClient.clientID string UserClouds client id
--authorizer.userCloudsClient.clientSecretName string UserCloud client secret name to read from the secret manager. (default “userclouds-client-secret”)
--authorizer.userCloudsClient.enableLogging Enable userclouds client’s internal logging. Calls to post logs take 250-350 ms and will impact p99 latency, enable with caution.
--authorizer.userCloudsClient.tenantID string UserClouds tenant id. Should be a UUID.
--authorizer.userCloudsClient.tenantUrl string Something like https://{yourtenant}.tenant.userclouds.com
--config string config file (default is /Users/andrew/.union/config.yaml)
--connection.environment string
--connection.region string
--connection.rootTenantURLPattern string Pattern for tenant url. (default “dns:///{{ organization }}.cloud-staging.union.ai”)
--console.endpoint string Endpoint of console, if different than flyte admin
--database.connMaxLifeTime string sets the maximum amount of time a connection may be reused (default “1h0m0s”)
--database.enableForeignKeyConstraintWhenMigrating Whether to enable gorm foreign keys when migrating the db
--database.maxIdleConnections int maxIdleConnections sets the maximum number of connections in the idle connection pool. (default 10)
--database.maxOpenConnections int maxOpenConnections sets the maximum number of open connections to the database. (default 100)
--database.postgres.dbname string The database name (default “postgres”)
--database.postgres.debug
--database.postgres.host string The host name of the database server (default “localhost”)
--database.postgres.options string See http://gorm.io/docs/connecting_to_the_database.html for available options passed, in addition to the above. (default “sslmode=disable”)
--database.postgres.password string The database password. (default “postgres”)
--database.postgres.passwordPath string Points to the file containing the database password.
--database.postgres.port int The port name of the database server (default 30001)
--database.postgres.readReplicaHost string The host name of the read replica database server (default “localhost”)
--database.postgres.username string The database user who is connecting to the server. (default “postgres”)
--database.sqlite.file string The path to the file (existing or new) where the DB should be created / stored. If existing, then this will be re-used, else a new will be created
--db.connectionPool.maxConnectionLifetime string (default “0s”)
--db.connectionPool.maxIdleConnections int
--db.connectionPool.maxOpenConnections int
--db.dbname string (default “postgres”)
--db.debug
--db.host string (default “postgres”)
--db.log_level int (default 4)
--db.options string (default “sslmode=disable”)
--db.password string
--db.passwordPath string
--db.port int (default 5432)
--db.username string (default “postgres”)
-d, --domain string Specifies the Flyte project’s domain.
--files.archive Pass in archive file either an http link or local path.
--files.assumableIamRole string Custom assumable iam auth role to register launch plans with.
--files.continueOnError Continue on error when registering files.
--files.destinationDirectory string Location of source code in container.
--files.dryRun Execute command without making any modifications.
--files.enableSchedule Enable the schedule if the files contain schedulable launchplan.
--files.force Force use of version number on entities registered with flyte.
--files.k8ServiceAccount string Deprecated. Please use --K8sServiceAccount
--files.k8sServiceAccount string Custom kubernetes service account auth role to register launch plans with.
--files.outputLocationPrefix string Custom output location prefix for offloaded types (files/schemas).
--files.sourceUploadPath string Deprecated: Update flyte admin to avoid having to configure storage access from uctl.
--files.version string Version of the entity to be registered with flyte which are un-versioned after serialization.
--logger.formatter.type string Sets logging format type. (default “json”)
--logger.level int Sets the minimum logging level. (default 3)
--logger.mute Mutes all logs regardless of severity. Intended for benchmarks/tests only.
--logger.show-source Includes source code location in logs.
--org string Organization to work on. If not set, default to user’s org.
--otel.file.filename string Filename to store exported telemetry traces (default “/tmp/trace.txt”)
--otel.jaeger.endpoint string Endpoint for the jaeger telemetry trace ingestor (default “http://localhost:14268/api/traces”)
--otel.otlpgrpc.endpoint string Endpoint for the OTLP telemetry trace collector (default “http://localhost:4317”)
--otel.otlphttp.endpoint string Endpoint for the OTLP telemetry trace collector (default “http://localhost:4318/v1/traces”)
--otel.sampler.parentSampler string Sets the parent sampler to use for the tracer (default “always”)
--otel.type string Sets the type of exporter to configure [noop/file/jaeger/otlpgrpc/otlphttp]. (default “noop”)
-o, --output string Specifies the output type - supported formats [TABLE JSON YAML DOT DOTURL]. NOTE: dot, doturl are only supported for Workflow (default “table”)
--plugins.catalogcache.reader.maxItems int Maximum number of entries to keep in the index. (default 10000)
--plugins.catalogcache.reader.maxRetries int Maximum number of retries per item. (default 3)
--plugins.catalogcache.reader.workers int Number of concurrent workers to start processing the queue. (default 10)
--plugins.catalogcache.writer.maxItems int Maximum number of entries to keep in the index. (default 10000)
--plugins.catalogcache.writer.maxRetries int Maximum number of retries per item. (default 3)
--plugins.catalogcache.writer.workers int Number of concurrent workers to start processing the queue. (default 10)
-p, --project string Specifies the Flyte project.
--rediscache.passwordSecretName string Name of secret with Redis password.
--rediscache.primaryEndpoint string Primary endpoint for the redis cache that can be used for both reads and writes.
--rediscache.replicaEndpoint string Replica endpoint for the redis cache that can be used for reads.
--secrets.env-prefix string Prefix for environment variables (default “FLYTE_SECRET_”)
--secrets.secrets-prefix string Prefix where to look for secrets file (default “/etc/secrets”)
--secrets.type string Sets the type of storage to configure [local]. (default “local”)
--server.dataProxy.download.maxExpiresIn string Maximum allowed expiration duration. (default “1h0m0s”)
--server.dataProxy.upload.defaultFileNameLength int Default length for the generated file name if not provided in the request. (default 20)
--server.dataProxy.upload.maxExpiresIn string Maximum allowed expiration duration. (default “1h0m0s”)
--server.dataProxy.upload.maxSize string Maximum allowed upload size. (default “6Mi”)
--server.dataProxy.upload.storagePrefix string Storage prefix to use for all upload requests.
--server.grpc.enableGrpcLatencyMetrics Enable grpc latency metrics. Note Histograms metrics can be expensive on Prometheus servers.
--server.grpc.maxMessageSizeBytes int The max size in bytes for incoming gRPC messages
--server.grpc.port int On which grpc port to serve admin (default 8089)
--server.grpc.serverReflection Enable GRPC Server Reflection (default true)
--server.grpcPort int deprecated
--server.grpcServerReflection deprecated
--server.httpPort int On which http port to serve admin (default 8088)
--server.kube-config string Path to kubernetes client config file, default is empty, useful for incluster config.
--server.kubeClientConfig.burst int Max burst rate for throttle. 0 defaults to 10 (default 25)
--server.kubeClientConfig.qps int32 Max QPS to the master for requests to KubeAPI. 0 defaults to 5. (default 100)
--server.kubeClientConfig.timeout string Max duration allowed for every request to KubeAPI before giving up. 0 implies no timeout. (default “30s”)
--server.master string The address of the Kubernetes API server.
--server.readHeaderTimeoutSeconds int The amount of time allowed to read request headers. (default 32)
--server.security.allowCors (default true)
--server.security.allowedHeaders strings (default [Content-Type,flyte-authorization])
--server.security.allowedOrigins strings (default [*])
--server.security.auditAccess
--server.security.secure
--server.security.ssl.certificateFile string
--server.security.ssl.keyFile string
--server.security.useAuth
--server.thirdPartyConfig.flyteClient.audience string Audience to use when initiating OAuth2 authorization requests.
--server.thirdPartyConfig.flyteClient.clientId string public identifier for the app which handles authorization for a Flyte deployment
--server.thirdPartyConfig.flyteClient.redirectUri string This is the callback uri registered with the app which handles authorization for a Flyte deployment
--server.thirdPartyConfig.flyteClient.scopes strings Recommended scopes for the client to request.
--server.watchService.maxActiveClusterConnections int (default 5)
--server.watchService.maxPageSize int (default 50000)
--server.watchService.nonTerminalStatusUpdatesInterval string (default “1m0s”)
--server.watchService.pollInterval string (default “1s”)
--sharedservice.connectPort string On which connect port to serve admin (default “8080”)
--sharedservice.grpc.grpcMaxResponseStatusBytes int32 specifies the maximum (uncompressed) size of header list that the client is prepared to accept on grpc calls (default 32000)
--sharedservice.grpc.maxConcurrentStreams int Limit on the number of concurrent streams to each ServerTransport. (default 100)
--sharedservice.grpc.maxMessageSizeBytes int Limit on the size of message that can be received on the server. (default 10485760)
--sharedservice.grpcServerReflection Enable GRPC Server Reflection (default true)
--sharedservice.httpPort string On which http port to serve admin (default “8089”)
--sharedservice.kubeConfig string Path to kubernetes client config file.
--sharedservice.master string The address of the Kubernetes API server.
--sharedservice.metrics.enableClientGrpcHistograms Enable client grpc histograms (default true)
--sharedservice.metrics.enableGrpcHistograms Enable grpc histograms (default true)
--sharedservice.metrics.scope string Scope to emit metrics under (default “service:”)
--sharedservice.port string On which grpc port to serve admin (default “8080”)
--sharedservice.profiler.enabled Enable Profiler on server
--sharedservice.profilerPort string Profile port to start listen for pprof and metric handlers on. (default “10254”)
--sharedservice.security.allowCors
--sharedservice.security.allowLocalhostAccess Whether to permit localhost unauthenticated access to the server
--sharedservice.security.allowedHeaders strings
--sharedservice.security.allowedOrigins strings
--sharedservice.security.auditAccess
--sharedservice.security.orgOverride string Override org in identity context if localhost access enabled
--sharedservice.security.secure
--sharedservice.security.ssl.certificateAuthorityFile string
--sharedservice.security.ssl.certificateFile string
--sharedservice.security.ssl.keyFile string
--sharedservice.security.useAuth
--sharedservice.sync.syncInterval string Time interval to sync (default “5m0s”)
--storage.cache.max_size_mbs int Maximum size of the cache where the Blob store data is cached in-memory. If not specified or set to 0, cache is not used
--storage.cache.target_gc_percent int Sets the garbage collection target percentage.
--storage.connection.access-key string Access key to use. Only required when authtype is set to accesskey.
--storage.connection.auth-type string Auth Type to use [iam, accesskey]. (default “iam”)
--storage.connection.disable-ssl Disables SSL connection. Should only be used for development.
--storage.connection.endpoint string URL for storage client to connect to.
--storage.connection.region string Region to connect to. (default “us-east-1”)
--storage.connection.secret-key string Secret to use when accesskey is set.
--storage.container string Initial container (in s3 a bucket) to create -if it doesn’t exist-.'
--storage.defaultHttpClient.timeout string Sets time out on the http client. (default “0s”)
--storage.enable-multicontainer If this is true, then the container argument is overlooked and redundant. This config will automatically open new connections to new containers/buckets as they are encountered
--storage.limits.maxDownloadMBs int Maximum allowed download size (in MBs) per call. (default 2)
--storage.stow.config stringToString Configuration for stow backend. Refer to github/flyteorg/stow (default [])
--storage.stow.kind string Kind of Stow backend to use. Refer to github/flyteorg/stow
--storage.type string Sets the type of storage to configure [s3/minio/local/mem/stow]. (default “s3”)
--union.auth.authorizationMetadataKey string Authorization Header to use when passing Access Tokens to the server (default “flyte-authorization”)
--union.auth.clientId string Client ID
--union.auth.clientSecretEnvVar string Environment variable containing the client secret
--union.auth.clientSecretLocation string File containing the client secret
--union.auth.deviceFlow.pollInterval string amount of time the device flow would poll the token endpoint if auth server doesn’t return a polling interval. Okta and google IDP do return an interval’ (default “5s”)
--union.auth.deviceFlow.refreshTime string grace period from the token expiry after which it would refresh the token. (default “5m0s”)
--union.auth.deviceFlow.timeout string amount of time the device flow should complete or else it will be cancelled. (default “10m0s”)
--union.auth.enable Whether to enable an authenticated conenction when communicating with admin. (default true)
--union.auth.externalAuth.command strings Command for external authentication token generation
--union.auth.pkce.refreshTime string grace period from the token expiry after which it would refresh the token. (default “5m0s”)
--union.auth.pkce.timeout string Amount of time the browser session would be active for authentication from client app. (default “15s”)
--union.auth.scopes strings List of scopes to request
--union.auth.tokenRefreshWindow string Max duration between token refresh attempt and token expiry. (default “1h0m0s”)
--union.auth.tokenUrl string OPTIONAL: Your IdP’s token endpoint. It’ll be discovered from flyte admin’s OAuth Metadata endpoint if not provided.
--union.auth.type string Type of OAuth2 flow used for communicating with admin. (default “Pkce”)
--union.cache.maxItemsCount int Maximum number of items to keep in the cache before evicting. (default 1000)
--union.connection.host string Host to connect to (default “dns:///utt-mgdp-stg-us-east-2.cloud-staging.union.ai”)
--union.connection.insecure Whether to connect over insecure channel
--union.connection.insecureSkipVerify InsecureSkipVerify controls whether a client verifies the server’s certificate chain and host name.Caution: shouldn’t be use for production usecases'
--union.connection.keepAliveConfig.permitWithoutStream If true, client sends keepalive pings even with no active RPCs.
--union.connection.keepAliveConfig.time string After a duration of this time if the client doesn’t see any activity it pings the server to see if the transport is still alive. (default “20s”)
--union.connection.keepAliveConfig.timeout string After having pinged for keepalive check, the client waits for a duration of Timeout and if no activity is seen even after that the connection is closed. (default “2m0s”)
--union.connection.maxBackoffDelay string Max delay for grpc backoff (default “8s”)
--union.connection.maxRecvMsgSize int Maximum size of a message in bytes of a gRPC message (default 10485760)
--union.connection.maxRetries int Max number of gRPC retries (default 4)
--union.connection.minConnectTimeout string Minimum timeout for establishing a connection (default “20s”)
--union.connection.perRetryTimeout string gRPC per retry timeout (default “15s”)
--union.connection.serviceConfig string Defines gRPC experimental JSON Service Config (default “{“loadBalancingConfig”: [{“round_robin”:{}}]}”)
--union.connection.trustedIdentityClaims.enabled Enables passing of trusted claims while making inter service calls
--union.connection.trustedIdentityClaims.externalIdentityClaim string External identity claim of the service which is authorized to make internal service call. These are verified against userclouds actions
--union.connection.trustedIdentityClaims.externalIdentityTypeClaim string External identity type claim of app or user to use for the current service identity. It should be an ‘app’ for inter service communication
--union.internalConnectionConfig.- stringToString (default [])
--union.internalConnectionConfig.enabled Enables internal service to service communication instead of going through ingress.
--union.internalConnectionConfig.urlPattern string UrlPattern of the internal service endpoints. (default “{{ service }}-helmchart.{{ service }}.svc.cluster.local:80”)
--webhook.awsSecretManager.sidecarImage string Specifies the sidecar docker image to use (default “docker.io/amazon/aws-secrets-manager-secret-sidecar:v0.1.4”)
--webhook.certDir string Certificate directory to use to write generated certs. Defaults to /etc/webhook/certs/ (default “/etc/webhook/certs”)
--webhook.embeddedSecretManagerConfig.awsConfig.region string AWS region
--webhook.embeddedSecretManagerConfig.fileMountInitContainer.image string Specifies init container image to use for mounting secrets as files. (default “busybox:1.28”)
--webhook.embeddedSecretManagerConfig.gcpConfig.project string GCP project to be used for secret manager
--webhook.embeddedSecretManagerConfig.type string (default “AWS”)
--webhook.gcpSecretManager.sidecarImage string Specifies the sidecar docker image to use (default “gcr.io/google.com/cloudsdktool/cloud-sdk:alpine”)
--webhook.listenPort int The port to use to listen to webhook calls. Defaults to 9443 (default 9443)
--webhook.localCert write certs locally. Defaults to false
--webhook.metrics-prefix string An optional prefix for all published metrics. (default “flyte:”)
--webhook.secretName string Secret name to write generated certs to. (default “flyte-pod-webhook”)
--webhook.serviceName string The name of the webhook service. (default “flyte-pod-webhook”)
--webhook.servicePort int32 The port on the service that hosting webhook. (default 443)
--webhook.vaultSecretManager.role string Specifies the vault role to use (default “flyte”)