From c848b84747c61aad5d14677a249b82af21d8ee16 Mon Sep 17 00:00:00 2001 From: Richard Wall Date: Thu, 12 Dec 2024 09:41:57 +0000 Subject: [PATCH 1/2] Fix some grammatical mistakes and typos in the comments of Helm chart values.yaml Signed-off-by: Richard Wall --- deploy/charts/istio-csr/values.yaml | 48 ++++++++++++++--------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/deploy/charts/istio-csr/values.yaml b/deploy/charts/istio-csr/values.yaml index b262bebc..c9b9cd03 100644 --- a/deploy/charts/istio-csr/values.yaml +++ b/deploy/charts/istio-csr/values.yaml @@ -1,9 +1,9 @@ -# nameOverride replaces the name of the chart in the Chart.yaml file, when this +# nameOverride replaces the name of the chart in the Chart.yaml file when this # is used to construct Kubernetes object names. # +docs:property # nameOverride: istio-csr -# Number of replicas of istio-csr to run. +# The number of replicas of istio-csr to run. replicaCount: 1 image: @@ -35,11 +35,11 @@ image: imagePullSecrets: [] service: - # Service type to expose istio-csr gRPC service. + # Service type to expose the istio-csr gRPC service. type: ClusterIP - # Service port to expose istio-csr gRPC service. + # Service port to expose the istio-csr gRPC service. port: 443 - # Service nodePort to expose istio-csr gRPC service. + # Service nodePort to expose the istio-csr gRPC service. # +docs:type=number # +docs:property # nodePort: @@ -56,7 +56,7 @@ app: port: 9402 # Service to expose metrics endpoint. service: - # Create a Service resource to expose metrics endpoint. + # Create a Service resource to expose the metrics endpoint. enabled: true # Service type to expose metrics. type: ClusterIP @@ -68,7 +68,7 @@ app: # for multiple Prometheus instances selecting different ServiceMonitors # using label selectors. prometheusInstance: default - # The interval that the Prometheus will scrape for metrics. + # The interval at which Prometheus will scrape for metrics. interval: 10s # The timeout on each metric probe request. scrapeTimeout: 5s @@ -93,8 +93,8 @@ app: # Name of a ConfigMap in the installation namespace to watch, providing # runtime configuration of an issuer to use. # - # If create is set to true then this name is used to create the ConfigMap, - # otherwise the ConfigMap must exist and the "issuer-name", "issuer-kind" + # If create is set to true, then this name is used to create the ConfigMap, + # otherwise the ConfigMap must exist, and the "issuer-name", "issuer-kind" # and "issuer-group" keys must be present in it. name: "" @@ -110,9 +110,9 @@ app: group: cert-manager.io readinessProbe: - # Container port to expose istio-csr HTTP readiness probe on default network interface. + # Container port to expose the istio-csr HTTP readiness probe on the default network interface. port: 6060 - # Path to expose istio-csr HTTP readiness probe on default network interface. + # Path to expose the istio-csr HTTP readiness probe on the default network interface. path: "/readyz" certmanager: @@ -120,7 +120,7 @@ app: # certificate and incoming gRPC CSRs. namespace: istio-system # Don't delete created CertificateRequests once they have been signed. - # WARNING: do not enable this option in production, or environments with + # WARNING: Do not enable this option in production, or environments with # any non-trivial number of workloads for an extended period of time. Doing # so will balloon the resource consumption of both ETCD and the API server, # leading to errors and slow down. This option is intended for debugging @@ -136,10 +136,10 @@ app: # Enable the default issuer, this is the issuer used when no runtime # configuration is provided. # - # When enabled the istio-csr Pod will not be "Ready" until the issuer + # When enabled, the istio-csr Pod will not be "Ready" until the issuer # has been used to issue the istio-csr GRPC certificate. # - # For istio-csr to function either this or runtime configuration must be + # For istio-csr to function, either this or runtime configuration must be # enabled. enabled: true # Issuer name set on created CertificateRequests for both istio-csr's @@ -164,7 +164,7 @@ app: # of these DNS names. certificateDNSNames: - cert-manager-istio-csr.cert-manager.svc - # Requested duration of gRPC serving certificate. Will be automatically + # Requested duration of the gRPC serving certificate. Will be automatically # renewed. # Based on [NIST 800-204A recommendations (SM-DR13)](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-204A.pdf). certificateDuration: 1h @@ -183,7 +183,7 @@ app: istiodCertificateRenewBefore: 30m # Private key algorithm to use. For backwards compatibility, defaults to the same value as app.server.serving.signatureAlgorithm istiodPrivateKeyAlgorithm: "" - # Parameter for istiod certificate key. For RSA, must be a number of bits >= 2048. For ECDSA, can only be 256 or 384, corresponding to P-256 and P-384 respectively. + # Parameter for the istiod certificate key. For RSA, must be a number of bits >= 2048. For ECDSA, can only be 256 or 384, corresponding to P-256 and P-384 respectively. istiodPrivateKeySize: 2048 # Provide additional DNS names to request on the istiod certificate. Useful if istiod # should be accessible via multiple DNS names and/or outside of the cluster. @@ -202,16 +202,16 @@ app: # Based on [NIST 800-204A recommendations (SM-DR13)](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-204A.pdf). maxCertificateDuration: 1h serving: - # Container address to serve istio-csr gRPC service. + # Container address to serve the istio-csr gRPC service. address: 0.0.0.0 - # Container port to serve istio-csr gRPC service. + # Container port to serve the istio-csr gRPC service. port: 6443 - # Parameter for serving certificate key. For RSA, must be a number of bits >= 2048. For ECDSA, can only be 256 or 384, corresponding to P-256 and P-384 respectively. + # Parameter for the serving certificate key. For RSA, must be a number of bits >= 2048. For ECDSA, can only be 256 or 384, corresponding to P-256 and P-384 respectively. certificateKeySize: 2048 # The type of private key to generate for the serving certificate. Only RSA (default) and ECDSA are supported. # NB: This variable is named incorrectly; it controls private key algorithm, not signature algorithm. signatureAlgorithm: "RSA" - # A comma-separated list of service accounts that are allowed to use node authentication for CSRs, eg. "istio-system/ztunnel". + # A comma-separated list of service accounts that are allowed to use node authentication for CSRs, e.g. "istio-system/ztunnel". caTrustedNodeAccounts: "" istio: @@ -231,7 +231,7 @@ app: controller: leaderElectionNamespace: istio-system - # If set, limit where istio-csr creates configmaps with root ca certificates. If unset, configmap created in ALL namespaces. + # If set, limit where istio-csr creates configmaps with root CA certificates. If unset, configmap created in ALL namespaces. # Example: maistra.io/member-of=istio-system # +docs:type=string # +docs:property @@ -239,9 +239,9 @@ app: # Allows you to disable the default Kubernetes client rate limiter if # istio-csr is exceeding the default QPS (5) and Burst (10) limits. - # For example in large clusters with many Istio workloads, restarting the Pods may cause - # istio-csr to send bursts Kubernetes API requests that exceed the limits of - # the default Kubernetes client rate limiter and istio-csr will become slow to issue + # For example, in large clusters with many Istio workloads, restarting the Pods may cause + # istio-csr to send bursts of Kubernetes API requests that exceed the limits of + # the default Kubernetes client rate limiter, and istio-csr will become slow to issue # certificates for your workloads. # Only disable client rate limiting if the Kubernetes API server supports # [API Priority and Fairness](https://kubernetes.io/docs/concepts/cluster-administration/flow-control/), From 8e1b020792337f4b060e42b12c16051d9c65c7a1 Mon Sep 17 00:00:00 2001 From: Richard Wall Date: Thu, 12 Dec 2024 09:52:20 +0000 Subject: [PATCH 2/2] make generate Signed-off-by: Richard Wall --- deploy/charts/istio-csr/README.md | 42 +++++++++++----------- deploy/charts/istio-csr/values.schema.json | 40 ++++++++++----------- 2 files changed, 41 insertions(+), 41 deletions(-) diff --git a/deploy/charts/istio-csr/README.md b/deploy/charts/istio-csr/README.md index f199a534..a0d101d5 100644 --- a/deploy/charts/istio-csr/README.md +++ b/deploy/charts/istio-csr/README.md @@ -8,7 +8,7 @@ #### **nameOverride** ~ `string` -nameOverride replaces the name of the chart in the Chart.yaml file, when this is used to construct Kubernetes object names. +nameOverride replaces the name of the chart in the Chart.yaml file when this is used to construct Kubernetes object names. #### **replicaCount** ~ `number` > Default value: @@ -16,7 +16,7 @@ nameOverride replaces the name of the chart in the Chart.yaml file, when this is > 1 > ``` -Number of replicas of istio-csr to run. +The number of replicas of istio-csr to run. #### **image.registry** ~ `string` Target image registry. This value is prepended to the target image repository, if set. @@ -67,17 +67,17 @@ Optional secrets used for pulling the istio-csr container image. > ClusterIP > ``` -Service type to expose istio-csr gRPC service. +Service type to expose the istio-csr gRPC service. #### **service.port** ~ `number` > Default value: > ```yaml > 443 > ``` -Service port to expose istio-csr gRPC service. +Service port to expose the istio-csr gRPC service. #### **service.nodePort** ~ `number` -Service nodePort to expose istio-csr gRPC service. +Service nodePort to expose the istio-csr gRPC service. #### **app.logLevel** ~ `number` @@ -107,7 +107,7 @@ Port for exposing Prometheus metrics on 0.0.0.0 on path '/metrics'. > true > ``` -Create a Service resource to expose metrics endpoint. +Create a Service resource to expose the metrics endpoint. #### **app.metrics.service.type** ~ `string` > Default value: > ```yaml @@ -135,7 +135,7 @@ The value for the "prometheus" label on the ServiceMonitor. This allows for mult > 10s > ``` -The interval that the Prometheus will scrape for metrics. +The interval at which Prometheus will scrape for metrics. #### **app.metrics.service.servicemonitor.scrapeTimeout** ~ `string` > Default value: > ```yaml @@ -165,7 +165,7 @@ Create the runtime-configuration ConfigMap. Name of a ConfigMap in the installation namespace to watch, providing runtime configuration of an issuer to use. -If create is set to true then this name is used to create the ConfigMap, otherwise the ConfigMap must exist and the "issuer-name", "issuer-kind" and "issuer-group" keys must be present in it. +If create is set to true, then this name is used to create the ConfigMap, otherwise the ConfigMap must exist, and the "issuer-name", "issuer-kind" and "issuer-group" keys must be present in it. #### **app.runtimeConfiguration.issuer.name** ~ `string` > Default value: > ```yaml @@ -193,14 +193,14 @@ Issuer group name set on created CertificateRequests for both istio-csr's servin > 6060 > ``` -Container port to expose istio-csr HTTP readiness probe on default network interface. +Container port to expose the istio-csr HTTP readiness probe on the default network interface. #### **app.readinessProbe.path** ~ `string` > Default value: > ```yaml > /readyz > ``` -Path to expose istio-csr HTTP readiness probe on default network interface. +Path to expose the istio-csr HTTP readiness probe on the default network interface. #### **app.certmanager.namespace** ~ `string` > Default value: > ```yaml @@ -214,7 +214,7 @@ Namespace to create CertificateRequests for both istio-csr's serving certificate > false > ``` -Don't delete created CertificateRequests once they have been signed. WARNING: do not enable this option in production, or environments with any non-trivial number of workloads for an extended period of time. Doing so will balloon the resource consumption of both ETCD and the API server, leading to errors and slow down. This option is intended for debugging purposes only, for limited periods of time. +Don't delete created CertificateRequests once they have been signed. WARNING: Do not enable this option in production, or environments with any non-trivial number of workloads for an extended period of time. Doing so will balloon the resource consumption of both ETCD and the API server, leading to errors and slow down. This option is intended for debugging purposes only, for limited periods of time. #### **app.certmanager.additionalAnnotations** ~ `array` > Default value: > ```yaml @@ -237,9 +237,9 @@ additionalAnnotations: Enable the default issuer, this is the issuer used when no runtime configuration is provided. -When enabled the istio-csr Pod will not be "Ready" until the issuer has been used to issue the istio-csr GRPC certificate. +When enabled, the istio-csr Pod will not be "Ready" until the issuer has been used to issue the istio-csr GRPC certificate. -For istio-csr to function either this or runtime configuration must be enabled. +For istio-csr to function, either this or runtime configuration must be enabled. #### **app.certmanager.issuer.name** ~ `string` > Default value: > ```yaml @@ -286,7 +286,7 @@ An optional file location to a PEM encoded root CA that the root CA. ConfigMap i > 1h > ``` -Requested duration of gRPC serving certificate. Will be automatically renewed. Based on [NIST 800-204A recommendations (SM-DR13)](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-204A.pdf). +Requested duration of the gRPC serving certificate. Will be automatically renewed. Based on [NIST 800-204A recommendations (SM-DR13)](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-204A.pdf). #### **app.tls.istiodCertificateEnable** ~ `boolean,string,null` > Default value: > ```yaml @@ -323,7 +323,7 @@ Private key algorithm to use. For backwards compatibility, defaults to the same > 2048 > ``` -Parameter for istiod certificate key. For RSA, must be a number of bits >= 2048. For ECDSA, can only be 256 or 384, corresponding to P-256 and P-384 respectively. +Parameter for the istiod certificate key. For RSA, must be a number of bits >= 2048. For ECDSA, can only be 256 or 384, corresponding to P-256 and P-384 respectively. #### **app.tls.istiodAdditionalDNSNames** ~ `array` > Default value: > ```yaml @@ -358,21 +358,21 @@ Maximum validity duration that can be requested for a certificate. istio-csr wil > 0.0.0.0 > ``` -Container address to serve istio-csr gRPC service. +Container address to serve the istio-csr gRPC service. #### **app.server.serving.port** ~ `number` > Default value: > ```yaml > 6443 > ``` -Container port to serve istio-csr gRPC service. +Container port to serve the istio-csr gRPC service. #### **app.server.serving.certificateKeySize** ~ `number` > Default value: > ```yaml > 2048 > ``` -Parameter for serving certificate key. For RSA, must be a number of bits >= 2048. For ECDSA, can only be 256 or 384, corresponding to P-256 and P-384 respectively. +Parameter for the serving certificate key. For RSA, must be a number of bits >= 2048. For ECDSA, can only be 256 or 384, corresponding to P-256 and P-384 respectively. #### **app.server.serving.signatureAlgorithm** ~ `string` > Default value: > ```yaml @@ -386,7 +386,7 @@ The type of private key to generate for the serving certificate. Only RSA (defau > "" > ``` -A comma-separated list of service accounts that are allowed to use node authentication for CSRs, eg. "istio-system/ztunnel". +A comma-separated list of service accounts that are allowed to use node authentication for CSRs, e.g. "istio-system/ztunnel". #### **app.istio.revisions[0]** ~ `string` > Default value: > ```yaml @@ -406,7 +406,7 @@ The namespace where the istio control-plane is running. > ``` #### **app.controller.configmapNamespaceSelector** ~ `string` -If set, limit where istio-csr creates configmaps with root ca certificates. If unset, configmap created in ALL namespaces. +If set, limit where istio-csr creates configmaps with root CA certificates. If unset, configmap created in ALL namespaces. Example: maistra.io/member-of=istio-system @@ -416,7 +416,7 @@ Example: maistra.io/member-of=istio-system > false > ``` -Allows you to disable the default Kubernetes client rate limiter if istio-csr is exceeding the default QPS (5) and Burst (10) limits. For example in large clusters with many Istio workloads, restarting the Pods may cause istio-csr to send bursts Kubernetes API requests that exceed the limits of the default Kubernetes client rate limiter and istio-csr will become slow to issue certificates for your workloads. Only disable client rate limiting if the Kubernetes API server supports +Allows you to disable the default Kubernetes client rate limiter if istio-csr is exceeding the default QPS (5) and Burst (10) limits. For example, in large clusters with many Istio workloads, restarting the Pods may cause istio-csr to send bursts of Kubernetes API requests that exceed the limits of the default Kubernetes client rate limiter, and istio-csr will become slow to issue certificates for your workloads. Only disable client rate limiting if the Kubernetes API server supports [API Priority and Fairness](https://kubernetes.io/docs/concepts/cluster-administration/flow-control/), to avoid overloading the server. #### **deploymentLabels** ~ `object` diff --git a/deploy/charts/istio-csr/values.schema.json b/deploy/charts/istio-csr/values.schema.json index 64f383e9..dabe7490 100644 --- a/deploy/charts/istio-csr/values.schema.json +++ b/deploy/charts/istio-csr/values.schema.json @@ -157,7 +157,7 @@ }, "helm-values.app.certmanager.issuer.enabled": { "default": true, - "description": "Enable the default issuer, this is the issuer used when no runtime configuration is provided.\n\nWhen enabled the istio-csr Pod will not be \"Ready\" until the issuer has been used to issue the istio-csr GRPC certificate.\n\nFor istio-csr to function either this or runtime configuration must be enabled.", + "description": "Enable the default issuer, this is the issuer used when no runtime configuration is provided.\n\nWhen enabled, the istio-csr Pod will not be \"Ready\" until the issuer has been used to issue the istio-csr GRPC certificate.\n\nFor istio-csr to function, either this or runtime configuration must be enabled.", "type": "boolean" }, "helm-values.app.certmanager.issuer.group": { @@ -182,7 +182,7 @@ }, "helm-values.app.certmanager.preserveCertificateRequests": { "default": false, - "description": "Don't delete created CertificateRequests once they have been signed. WARNING: do not enable this option in production, or environments with any non-trivial number of workloads for an extended period of time. Doing so will balloon the resource consumption of both ETCD and the API server, leading to errors and slow down. This option is intended for debugging purposes only, for limited periods of time.", + "description": "Don't delete created CertificateRequests once they have been signed. WARNING: Do not enable this option in production, or environments with any non-trivial number of workloads for an extended period of time. Doing so will balloon the resource consumption of both ETCD and the API server, leading to errors and slow down. This option is intended for debugging purposes only, for limited periods of time.", "type": "boolean" }, "helm-values.app.controller": { @@ -201,12 +201,12 @@ "type": "object" }, "helm-values.app.controller.configmapNamespaceSelector": { - "description": "If set, limit where istio-csr creates configmaps with root ca certificates. If unset, configmap created in ALL namespaces.\nExample: maistra.io/member-of=istio-system", + "description": "If set, limit where istio-csr creates configmaps with root CA certificates. If unset, configmap created in ALL namespaces.\nExample: maistra.io/member-of=istio-system", "type": "string" }, "helm-values.app.controller.disableKubernetesClientRateLimiter": { "default": false, - "description": "Allows you to disable the default Kubernetes client rate limiter if istio-csr is exceeding the default QPS (5) and Burst (10) limits. For example in large clusters with many Istio workloads, restarting the Pods may cause istio-csr to send bursts Kubernetes API requests that exceed the limits of the default Kubernetes client rate limiter and istio-csr will become slow to issue certificates for your workloads. Only disable client rate limiting if the Kubernetes API server supports\n[API Priority and Fairness](https://kubernetes.io/docs/concepts/cluster-administration/flow-control/),\nto avoid overloading the server.", + "description": "Allows you to disable the default Kubernetes client rate limiter if istio-csr is exceeding the default QPS (5) and Burst (10) limits. For example, in large clusters with many Istio workloads, restarting the Pods may cause istio-csr to send bursts of Kubernetes API requests that exceed the limits of the default Kubernetes client rate limiter, and istio-csr will become slow to issue certificates for your workloads. Only disable client rate limiting if the Kubernetes API server supports\n[API Priority and Fairness](https://kubernetes.io/docs/concepts/cluster-administration/flow-control/),\nto avoid overloading the server.", "type": "boolean" }, "helm-values.app.controller.leaderElectionNamespace": { @@ -284,7 +284,7 @@ }, "helm-values.app.metrics.service.enabled": { "default": true, - "description": "Create a Service resource to expose metrics endpoint.", + "description": "Create a Service resource to expose the metrics endpoint.", "type": "boolean" }, "helm-values.app.metrics.service.servicemonitor": { @@ -315,7 +315,7 @@ }, "helm-values.app.metrics.service.servicemonitor.interval": { "default": "10s", - "description": "The interval that the Prometheus will scrape for metrics.", + "description": "The interval at which Prometheus will scrape for metrics.", "type": "string" }, "helm-values.app.metrics.service.servicemonitor.labels": { @@ -352,12 +352,12 @@ }, "helm-values.app.readinessProbe.path": { "default": "/readyz", - "description": "Path to expose istio-csr HTTP readiness probe on default network interface.", + "description": "Path to expose the istio-csr HTTP readiness probe on the default network interface.", "type": "string" }, "helm-values.app.readinessProbe.port": { "default": 6060, - "description": "Container port to expose istio-csr HTTP readiness probe on default network interface.", + "description": "Container port to expose the istio-csr HTTP readiness probe on the default network interface.", "type": "number" }, "helm-values.app.runtimeConfiguration": { @@ -412,7 +412,7 @@ }, "helm-values.app.runtimeConfiguration.name": { "default": "", - "description": "Name of a ConfigMap in the installation namespace to watch, providing runtime configuration of an issuer to use.\n\nIf create is set to true then this name is used to create the ConfigMap, otherwise the ConfigMap must exist and the \"issuer-name\", \"issuer-kind\" and \"issuer-group\" keys must be present in it.", + "description": "Name of a ConfigMap in the installation namespace to watch, providing runtime configuration of an issuer to use.\n\nIf create is set to true, then this name is used to create the ConfigMap, otherwise the ConfigMap must exist, and the \"issuer-name\", \"issuer-kind\" and \"issuer-group\" keys must be present in it.", "type": "string" }, "helm-values.app.runtimeIssuanceConfigMap": { @@ -457,7 +457,7 @@ }, "helm-values.app.server.caTrustedNodeAccounts": { "default": "", - "description": "A comma-separated list of service accounts that are allowed to use node authentication for CSRs, eg. \"istio-system/ztunnel\".", + "description": "A comma-separated list of service accounts that are allowed to use node authentication for CSRs, e.g. \"istio-system/ztunnel\".", "type": "string" }, "helm-values.app.server.clusterID": { @@ -490,17 +490,17 @@ }, "helm-values.app.server.serving.address": { "default": "0.0.0.0", - "description": "Container address to serve istio-csr gRPC service.", + "description": "Container address to serve the istio-csr gRPC service.", "type": "string" }, "helm-values.app.server.serving.certificateKeySize": { "default": 2048, - "description": "Parameter for serving certificate key. For RSA, must be a number of bits >= 2048. For ECDSA, can only be 256 or 384, corresponding to P-256 and P-384 respectively.", + "description": "Parameter for the serving certificate key. For RSA, must be a number of bits >= 2048. For ECDSA, can only be 256 or 384, corresponding to P-256 and P-384 respectively.", "type": "number" }, "helm-values.app.server.serving.port": { "default": 6443, - "description": "Container port to serve istio-csr gRPC service.", + "description": "Container port to serve the istio-csr gRPC service.", "type": "number" }, "helm-values.app.server.serving.signatureAlgorithm": { @@ -556,7 +556,7 @@ }, "helm-values.app.tls.certificateDuration": { "default": "1h", - "description": "Requested duration of gRPC serving certificate. Will be automatically renewed. Based on [NIST 800-204A recommendations (SM-DR13)](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-204A.pdf).", + "description": "Requested duration of the gRPC serving certificate. Will be automatically renewed. Based on [NIST 800-204A recommendations (SM-DR13)](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-204A.pdf).", "type": "string" }, "helm-values.app.tls.istiodAdditionalDNSNames": { @@ -586,7 +586,7 @@ }, "helm-values.app.tls.istiodPrivateKeySize": { "default": 2048, - "description": "Parameter for istiod certificate key. For RSA, must be a number of bits >= 2048. For ECDSA, can only be 256 or 384, corresponding to P-256 and P-384 respectively.", + "description": "Parameter for the istiod certificate key. For RSA, must be a number of bits >= 2048. For ECDSA, can only be 256 or 384, corresponding to P-256 and P-384 respectively.", "type": "number" }, "helm-values.app.tls.rootCAFile": { @@ -671,7 +671,7 @@ "type": "array" }, "helm-values.nameOverride": { - "description": "nameOverride replaces the name of the chart in the Chart.yaml file, when this is used to construct Kubernetes object names.", + "description": "nameOverride replaces the name of the chart in the Chart.yaml file when this is used to construct Kubernetes object names.", "type": "string" }, "helm-values.nodeSelector": { @@ -693,7 +693,7 @@ }, "helm-values.replicaCount": { "default": 1, - "description": "Number of replicas of istio-csr to run.", + "description": "The number of replicas of istio-csr to run.", "type": "number" }, "helm-values.resources": { @@ -766,17 +766,17 @@ "type": "object" }, "helm-values.service.nodePort": { - "description": "Service nodePort to expose istio-csr gRPC service.", + "description": "Service nodePort to expose the istio-csr gRPC service.", "type": "number" }, "helm-values.service.port": { "default": 443, - "description": "Service port to expose istio-csr gRPC service.", + "description": "Service port to expose the istio-csr gRPC service.", "type": "number" }, "helm-values.service.type": { "default": "ClusterIP", - "description": "Service type to expose istio-csr gRPC service.", + "description": "Service type to expose the istio-csr gRPC service.", "type": "string" }, "helm-values.tolerations": {