apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ template "appmesh-spire-agent.fullname" . }}
  labels:
{{ include "appmesh-spire-agent.labels" . | indent 4 }}
data:
  agent.conf: |
    agent {
      data_dir = "/run/spire"
      log_level = "{{ .Values.config.logLevel }}"
      server_address = "{{ .Values.config.serverAddress }}"
      server_port = "{{ .Values.config.serverPort }}"
      socket_path = "{{ .Values.config.socketPath }}"
      trust_bundle_path = "/run/spire/bundle/bundle.crt"
      trust_domain = "{{ .Values.config.trustDomain }}"
    }

    plugins {
      NodeAttestor "k8s_psat" {
        plugin_data {
          cluster = "{{ .Values.config.clusterName }}"
        }
      }

      KeyManager "memory" {
        plugin_data {
        }
      }

      WorkloadAttestor "k8s" {
        plugin_data {
          skip_kubelet_verification = true
        }
      }

      WorkloadAttestor "unix" {
          plugin_data {
          }
      }
    }

    health_checks {
      listener_enabled = true
      bind_address = "0.0.0.0"
      bind_port = "8080"
      live_path = "/live"
      ready_path = "/ready"
    }