Configuration

Lieutenant Operator is configured via environment variables:

Environment Variable Description Default

VAULT_ADDR

Sets the address to the Vault instance

VAULT_TOKEN

Sets the Vault token to be used, only recommended for testing. In production the K8s authentication should be used by omitting the setting.

VAULT_SECRET_ENGINE_PATH

Configures the mount path of the KV secret engine to be used.

kv

SKIP_VAULT_SETUP

Doesn’t create any Vault secrets. Recommended for testing only.

false

DEFAULT_DELETION_POLICY

Sets what deletion policy for external resources (Git, Vault) should be used by default. One of Archive, Delete, Retain. See Explanation/Object Deletion for more information.

Archive

LIEUTENANT_DELETE_PROTECTION

Defines whether the annotation to protect for accidental deletion should be set by default. See Explanation/Object Deletion for more information.

true

LIEUTENANT_SYNC_DURATION

Defines with what frequency the CRs will be synced

5m

DEFAULT_GLOBAL_GIT_REPO_URL

URL of the default global configuration git repository. Its value will be applied to tenant.Spec.GlobalGitRepoURL if not set otherwise. If left empty, the GlobalGitRepoURL field will remain untouched.