# CloudNativePG Operator Helm Values
# Chart: https://github.com/cloudnative-pg/charts

# Operator image
image:
  repository: ghcr.io/cloudnative-pg/cloudnative-pg
  tag: 1.25.1
  pullPolicy: IfNotPresent

# Replica count for operator
replicaCount: 1

# Resource requests for operator
resources:
  requests:
    cpu: 15m
    memory: 121Mi
  limits:
    memory: 121Mi

# RBAC
rbac:
  create: true

# Service Account
serviceAccount:
  create: true
  name: cnpg-operator

# Monitoring
monitoring:
  # Enable Prometheus PodMonitor
  podMonitorEnabled: true

  # Grafana Dashboard auto-creation disabled due to ConfigMap size limit
  # Dashboard can be manually imported from Grafana.com (ID: 20417)
  # https://grafana.com/grafana/dashboards/20417-cloudnativepg/
  grafanaDashboard:
    create: false

# Webhook configuration
webhook:
  port: 9443
  mutating:
    create: true
  validating:
    create: true

# Operator configuration
config:
  # Data checksums for PostgreSQL
  data:
    INHERITED_ANNOTATIONS: "cert-manager.io/*, argocd.argoproj.io/*"
    INHERITED_LABELS: "app.kubernetes.io/*"

    # Monitoring queries interval
    MONITORING_QUERIES_CONFIGMAP: ""
    MONITORING_QUERIES_SECRET: ""

# CRD configuration
crds:
  create: true

# Node selector
nodeSelector: {}

# Tolerations
tolerations: []

# High priority for critical database operator
priorityClassName: high-priority

# Affinity - Soft Anti-Affinity to spread pods across nodes
affinity:
  podAntiAffinity:
    preferredDuringSchedulingIgnoredDuringExecution:
      - weight: 100
        podAffinityTerm:
          labelSelector:
            matchLabels:
              app.kubernetes.io/name: cloudnative-pg
          topologyKey: kubernetes.io/hostname

# Security context
securityContext:
  allowPrivilegeEscalation: false
  readOnlyRootFilesystem: true
  runAsNonRoot: true
  runAsUser: 10001
  capabilities:
    drop:
      - ALL
  seccompProfile:
    type: RuntimeDefault