Package Values
UDS Packages expose configuration through Zarf Values, a structured mechanism for passing Helm chart values at deploy time. In general, expose most non-sensitive chart values and restrict values that would break package integrity or weaken security, such as image references, ingress, or security settings.
Values structure
Section titled “Values structure”Define the top-level values key in your root zarf.yaml and reference:
- A
zarf-values.yamlfor defaults - A
zarf-values.schema.jsonfor validation
The schema should follow JSON Schema and focus on validating common user-facing values. Keep deeply nested validation practical to avoid fragile schemas as charts and Kubernetes APIs evolve.
Add value mappings (sourcePath and targetPath) near your chart definitions (commonly in common/zarf.yaml). Keep mappings as flat as practical and expose the highest sensible node in the values tree.
If the list of mappings gets unwieldy, consider inverting the mappings using higher level keys with excludePaths instead.
For shared values across multiple charts (for example domain), use a shared key to reduce configuration drift.
Example configuration
Section titled “Example configuration”The following example shows a complete values setup for an nginx package.
Define values and map them into chart values within the Zarf package definition:
kind: ZarfPackageConfigmetadata: name: nginx description: UDS Common Nginx Example
components: - name: nginx required: true charts: - name: uds-nginx-config namespace: nginx version: 0.1.0 localPath: ../chart values: - sourcePath: .uds-nginx-config targetPath: . - name: nginx version: 0.1.0 namespace: nginx localPath: ../src/nginx valuesFiles: - ../values/common-values.yaml values: - sourcePath: .nginx targetPath: . excludePaths: - .nginx.image - .nginx.imagePullSecrets - .nginx.ingress - .nginx.podSecurityContext - .nginx.securityContext - .nginx.livenessProbe - .nginx.readinessProbekind: ZarfPackageConfigmetadata: name: nginx description: UDS Nginx Example Package
values: files: - zarf-values.yaml schema: zarf-values.schema.json
components: - name: nginx required: true description: Deploy nginx with upstream images import: path: common only: flavor: upstream charts: - name: nginx valuesFiles: - values/upstream-values.yaml images: - nginx:1.30.0The zarf-values.yaml provides defaults that deployers can override:
uds-nginx-config: domain: uds.dev
nginx: replicaCount: 1 service: type: ClusterIP port: 8080 resources: {} autoscaling: enabled: false minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 volumes: [] volumeMounts: [] nodeSelector: {} tolerations: [] affinity: {}The zarf-values.schema.json validates the defaults above:
{ "$schema": "http://json-schema.org/draft-07/schema#", "type": "object", "additionalProperties": false, "properties": { "uds-nginx-config": { "type": "object", "additionalProperties": false, "properties": { "domain": { "type": "string" } } }, "nginx": { "type": "object", "additionalProperties": false, "properties": { "replicaCount": { "type": "integer", "minimum": 0 }, "service": { "type": "object", "additionalProperties": false, "properties": { "type": { "type": "string" }, "port": { "type": "integer", "minimum": 1, "maximum": 65535 } } }, "resources": { "type": "object" }, "autoscaling": { "type": "object" }, "volumes": { "type": "array", "items": { "type": "object" } }, "volumeMounts": { "type": "array", "items": { "type": "object" } }, "nodeSelector": { "type": "object" }, "tolerations": { "type": "array", "items": { "type": "object" } }, "affinity": { "type": "object" } } } }}Related documentation
Section titled “Related documentation”- Create a UDS Package - end-to-end guide for packaging an application as a UDS Package.
- Package testing - add journey and upgrade tests for your package.
- UDS Package Requirements - pre-publish checklist for required capabilities and standards.