Newer
Older
# -- Toggle deployment of ArgoCD.
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/argocd.git
helmRepo:
repoName: "registry1"
chartName: "argocd"
Ryan Garcia
committed
# -- Flux reconciliation overrides specifically for the ArgoCD Package
flux: {}
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
redis:
# -- Hostname of a pre-existing Redis to use for ArgoCD.
# Entering connection info will enable external Redis and will auto-create any required secrets.
host: ""
# -- Port of a pre-existing Redis to use for ArgoCD.
port: ""
# -- Toggle SSO for ArgoCD on and off
# -- ArgoCD OIDC client ID
client_id: ""
# -- ArgoCD OIDC client secret
client_secret: ""
# -- ArgoCD SSO group roles, see docs for more details: https://argo-cd.readthedocs.io/en/stable/operator-manual/rbac/
# -- Values to passthrough to the argocd chart: https://repo1.dso.mil/big-bang/product/packages/argocd.git
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# -- Toggle deployment of Authservice.
Ryan Garcia
committed
# if enabling authservice, a filter needs to be provided by either enabling
# sso for monitoring or istio, or manually adding a filter chain in the values here:
# values:
# chain:
# minimal:
# callback_uri: "https://somecallback"
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/authservice.git
helmRepo:
repoName: "registry1"
chartName: "authservice"
Ryan Garcia
committed
# -- Flux reconciliation overrides specifically for the Authservice Package
flux: {}
# -- Values to passthrough to the authservice chart: https://repo1.dso.mil/big-bang/product/packages/authservice.git
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# -- Additional authservice chain configurations.
Ryan Garcia
committed
chains: {}
# ----------------------------------------------------------------------------------------------------------------------
# Minio Operator and Instance
#
minioOperator:
# -- Toggle deployment of minio operator and instance.
enabled: false
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/minio-operator.git
path: "./chart"
helmRepo:
repoName: "registry1"
chartName: "minio-operator"
Ryan Garcia
committed
# -- Flux reconciliation overrides specifically for the Minio Operator Package
flux: {}
# -- Values to passthrough to the minio operator chart: https://repo1.dso.mil/big-bang/product/packages/minio-operator.git
values: {}
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
Ryan Garcia
committed
# -- Toggle deployment of minio.
enabled: false
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/minio.git
path: "./chart"
helmRepo:
repoName: "registry1"
chartName: "minio-instance"
Ryan Garcia
committed
# -- Flux reconciliation overrides specifically for the Minio Package
flux: {}
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
# -- Default access key to use for minio.
accesskey: ""
# -- Default secret key to intstantiate with minio, you should change/delete this after installation.
secretkey: ""
# -- Values to passthrough to the minio instance chart: https://repo1.dso.mil/big-bang/product/packages/minio.git
values: {}
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# host name only without the domain
gitlab: gitlab
registry: registry
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/gitlab.git
helmRepo:
repoName: "registry1"
chartName: "gitlab"
Ryan Garcia
committed
# -- Flux reconciliation overrides specifically for the Gitlab Package
flux: {}
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
# -- Toggle OIDC SSO for Gitlab on and off.
# Enabling this option will auto-create any required secrets.
enabled: false
# -- Gitlab OIDC client ID
client_id: ""
# -- Gitlab OIDC client secret
client_secret: ""
# -- Gitlab SSO Scopes, default is ["Gitlab"]
scopes:
- Gitlab
# -- Hostname of a pre-existing PostgreSQL database to use for Gitlab.
# Entering connection info will disable the deployment of an internal database and will auto-create any required secrets.
host: ""
# -- Port of a pre-existing PostgreSQL database to use for Gitlab.
port: 5432
# -- Database name to connect to on host.
database: "" # example: gitlab
# -- Username to connect as to external database, the user must have all privileges on the database.
username: ""
# -- Database password for the username used to connect to the existing database.
password: ""
# -- Type of object storage to use for Gitlab, setting to s3 will assume an external, pre-existing object storage is to be used.
# Entering connection info will enable this option and will auto-create any required secrets
type: "" # supported types are "s3" or "minio"
# -- S3 compatible endpoint to use for connection information.
# examples: "https://s3.amazonaws.com" "https://s3.us-gov-west-1.amazonaws.com" "http://minio.minio.svc.cluster.local:9000"
endpoint: ""
# -- S3 compatible region to use for connection information.
region: ""
# -- Access key for connecting to object storage endpoint.
# -- If using accessKey and accessSecret, the iamProfile must be left as an empty string: ""
accessKey: ""
# -- Secret key for connecting to object storage endpoint.
# Unencoded string data. This should be placed in the secret values and then encrypted
accessSecret: ""
# -- Bucket prefix to use for identifying buckets.
# Example: "prod" will produce "prod-gitlab-bucket"
bucketPrefix: ""
# -- NOTE: Current bug with AWS IAM Profiles and Object Storage where only artifacts are stored. Fixed in Gitlab 14.5
# -- Name of AWS IAM profile to use.
# -- If using an AWS IAM profile, the accessKey and accessSecret values must be left as empty strings eg: ""
iamProfile: ""
smtp:
# -- Passwords should be placed in an encrypted file. Example: environment-bb-secret.enc.yaml
# If a value is provided BigBang will create a k8s secret named gitlab-smtp-password in the gitlab namespace
password: ""
redis:
# -- Redis plain text password to connect to the redis server. If empty (""), the gitlab charts will create the gitlab-redis-secret
# -- This needs to be set to a non-empty value in order for the Grafana Redis Datasource and Dashboards to be installed.
password: ""
Nicholas Wilburn
committed
# -- Rails plain text secret to define. If empty (""), the gitlab charts will create the gitlab-rails-secret with randomized data.
# Read the following for more information on setting Gitlab rails secrets: https://docs.gitlab.com/charts/installation/secrets#gitlab-rails-secret
railsSecret: ""
# -- Values to passthrough to the gitlab chart: https://repo1.dso.mil/big-bang/product/packages/gitlab.git
Ryan Garcia
committed
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
gitlabRunner:
# -- Toggle deployment of Gitlab Runner
enabled: false
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/gitlab-runner.git
path: "./chart"
helmRepo:
repoName: "registry1"
chartName: "gitlab-runner"
Ryan Garcia
committed
# -- Flux reconciliation overrides specifically for the Gitlab Runner Package
flux: {}
# -- Values to passthrough to the gitlab runner chart: https://repo1.dso.mil/big-bang/product/packages/gitlab-runner.git
values: {}
Ryan Garcia
committed
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
nexusRepositoryManager:
# -- Toggle deployment of Nexus Repository Manager.
runyontr
committed
enabled: false
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
runyontr
committed
git:
repo: https://repo1.dso.mil/big-bang/product/packages/nexus.git
runyontr
committed
path: "./chart"
helmRepo:
repoName: "registry1"
chartName: "nexus-repository-manager"
runyontr
committed
# -- Base64 encoded license file.
license_key: ""
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
runyontr
committed
sso:
# -- Toggle SAML SSO for NXRM.
# -- handles SAML SSO, a Client must be configured in Keycloak or IdP
# -- to complete setup.
# -- https://support.sonatype.com/hc/en-us/articles/1500000976522-SAML-integration-for-Nexus-Repository-Manager-Pro-3-and-Nexus-IQ-Server-with-Keycloak#h_01EV7CWCYH3YKAPMAHG8XMQ599
enabled: false
# -- NXRM SAML SSO Integration data
idp_data:
# Nexus saml URL. example: "https://nexus.bigbang.dev/service/rest/v1/security/saml/metadata"
runyontr
committed
# -- IdP Field Mappings
# -- NXRM username attribute
username: ""
# -- NXRM firstname attribute (optional)
firstName: ""
# -- NXRM lastname attribute (optional)
lastName: ""
# -- NXRM email attribute (optional)
email: ""
# -- NXRM groups attribute (optional)
groups: ""
# -- NXRM Role
role:
# the id must match the Keycloak group name (case sensitive)
- id: ""
name: ""
description: ""
privileges: []
roles: []
runyontr
committed
# -- Flux reconciliation overrides specifically for the Nexus Repository Manager Package
flux: {}
# -- Values to passthrough to the nxrm chart: https://repo1.dso.mil/big-bang/product/packages/nexus.git
runyontr
committed
values: {}
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# -- Toggle deployment of SonarQube.
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/sonarqube.git
helmRepo:
repoName: "registry1"
chartName: "sonarqube"
Ryan Garcia
committed
# -- Flux reconciliation overrides specifically for the Sonarqube Package
flux: {}
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
# Enabling this option will auto-create any required secrets.
client_id: ""
# -- SonarQube login sso attribute.
login: login
# -- SonarQube name sso attribute.
name: name
# -- SonarQube email sso attribute.
email: email
# -- (optional) SonarQube group sso attribute.
group: group
# -- Hostname of a pre-existing PostgreSQL database to use for SonarQube.
host: ""
# -- Port of a pre-existing PostgreSQL database to use for SonarQube.
port: 5432
# -- Database name to connect to on host.
database: ""
# -- Username to connect as to external database, the user must have all privileges on the database.
username: ""
# -- Database password for the username used to connect to the existing database.
password: ""
# -- Values to passthrough to the sonarqube chart: https://repo1.dso.mil/big-bang/product/packages/sonarqube.git
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
fortify:
# -- Toggle deployment of Fortify.
enabled: false
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
git:
repo: https://repo1.dso.mil/big-bang/product/packages/fortify.git
helmRepo:
repoName: "registry1"
chartName: "fortify"
# -- Flux reconciliation overrides specifically for the Fortify Package
flux: {}
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
sso:
# -- Toggle SSO for Harbor on and off
enabled: false
# -- OIDC Client ID to use for Harbor
client_id: ""
# -- OIDC Client Secret to use for Harbor
client_secret: ""
# -- Values to passthrough to the fortify chart: https://repo1.dso.mil/big-bang/product/packages/fortify.git
values: {}
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# ----------------------------------------------------------------------------------------------------------------------
# Deployment of HAProxy is automatically toggled depending on Monitoring SSO and Monitoring Istio Injection
#
Ryan Garcia
committed
haproxy:
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
Ryan Garcia
committed
git:
repo: https://repo1.dso.mil/big-bang/product/packages/haproxy.git
Ryan Garcia
committed
path: "./chart"
helmRepo:
repoName: "registry1"
chartName: "haproxy"
Ryan Garcia
committed
# -- Flux reconciliation overrides specifically for the HAProxy Package
flux: {}
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
# -- Values to passthrough to the haproxy chart: https://repo1.dso.mil/big-bang/product/packages/haproxy.git
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# -- Toggle deployment of Anchore.
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise.git
helmRepo:
repoName: "registry1"
chartName: "anchore"
Ryan Garcia
committed
# -- Flux reconciliation overrides specifically for the Anchore Package
flux:
upgrade:
disableWait: true
# -- Initial admin password used to authenticate to Anchore.
adminPassword: ""
# -- Anchore Enterprise functionality.
# -- Toggle the installation of Anchore Enterprise. This must be accompanied by a valid license.
# -- License for Anchore Enterprise.
# For formatting examples see https://repo1.dso.mil/big-bang/product/packages/CHART.md#enabling-enterprise-services
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
# -- Toggle SAML SSO for Anchore on and off.
# Enabling this option will auto-create any required secrets (Note: SSO requires an Enterprise license).
# -- Anchore SAML client role attribute
# -- Hostname of a pre-existing PostgreSQL database to use for Anchore.
# Entering connection info will disable the deployment of an internal database and will auto-create any required secrets.
# -- Port of a pre-existing PostgreSQL database to use for Anchore.
# -- Username to connect as to external database, the user must have all privileges on the database.
# -- Database password for the username used to connect to the existing database.
# -- Database name to connect to on host (Note: database name CANNOT contain hyphens).
# -- Feeds database name to connect to on host (Note: feeds database name CANNOT contain hyphens).
# Only required for enterprise edition of anchore.
# By default, feeds database will be configured with the same username and password as the main database. For formatting examples on how to use a separate username and password for the feeds database see https://repo1.dso.mil/big-bang/product/packages/CHART.md#handling-dependencies
feeds_database: ""
# -- Hostname of a pre-existing Redis to use for Anchore Enterprise.
# Entering connection info will enable external redis and will auto-create any required secrets.
# Anchore only requires redis for enterprise deployments and will not provision an instance if using external
host: ""
# -- Port of a pre-existing Redis to use for Anchore Enterprise.
# -- OPTIONAL: Username to connect to a pre-existing Redis (for password-only auth leave empty)
username: ""
# -- Password to connect to pre-existing Redis.
# -- Values to passthrough to the anchore chart: https://repo1.dso.mil/big-bang/product/packages/anchore-enterprise.git
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# ----------------------------------------------------------------------------------------------------------------------
# Mattermost Operator and Instance
mattermostOperator:
enabled: false
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/mattermost-operator.git
path: "./chart"
helmRepo:
repoName: "registry1"
chartName: "mattermost-operator"
Ryan Garcia
committed
# -- Flux reconciliation overrides specifically for the Mattermost Operator Package
flux: {}
# -- Values to passthrough to the mattermost operator chart: https://repo1.dso.mil/big-bang/product/packages/values.yaml
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
mattermost:
# -- Toggle deployment of Mattermost.
enabled: false
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/mattermost.git
helmRepo:
repoName: "registry1"
chartName: "mattermost"
Ryan Garcia
committed
# -- Flux reconciliation overrides specifically for the Mattermost Package
flux: {}
# -- Mattermost Enterprise functionality.
enterprise:
# -- Toggle the Mattermost Enterprise. This must be accompanied by a valid license unless you plan to start a trial post-install.
enabled: false
# -- License for Mattermost.
# This should be the entire contents of the license file from Mattermost (should be one line), example below
# license: "eyJpZCI6InIxM205bjR3eTdkYjludG95Z3RiOD---REST---IS---HIDDEN
license: ""
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
sso:
# -- Toggle OIDC SSO for Mattermost on and off.
# Enabling this option will auto-create any required secrets.
enabled: false
# -- Mattermost OIDC client ID
client_id: ""
# -- Mattermost OIDC client secret
client_secret: ""
database:
# -- Hostname of a pre-existing PostgreSQL database to use for Mattermost.
# Entering connection info will disable the deployment of an internal database and will auto-create any required secrets.
host: ""
# -- Port of a pre-existing PostgreSQL database to use for Mattermost.
port: ""
# -- Username to connect as to external database, the user must have all privileges on the database.
username: ""
# -- Database password for the username used to connect to the existing database.
password: ""
# -- Database name to connect to on host.
database: ""
# -- SSL Mode to use when connecting to the database.
# Allowable values for this are viewable in the postgres documentation: https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-SSLMODE-STATEMENTS
ssl_mode: ""
objectStorage:
# -- S3 compatible endpoint to use for connection information.
# Entering connection info will enable this option and will auto-create any required secrets.
# examples: "s3.amazonaws.com" "s3.us-gov-west-1.amazonaws.com" "minio.minio.svc.cluster.local:9000"
endpoint: ""
# -- Access key for connecting to object storage endpoint.
accessKey: ""
# -- Secret key for connecting to object storage endpoint.
# Unencoded string data. This should be placed in the secret values and then encrypted
accessSecret: ""
# -- Bucket name to use for Mattermost - will be auto-created.
bucket: ""
# -- Mattermost Elasticsearch integration - requires enterprise E20 license - https://docs.mattermost.com/deployment/elasticsearch.html
# Connection info defaults to the BB deployed Elastic, all values can be overridden via the "values" passthrough for other connections.
# See values spec in MM chart "elasticsearch" yaml block - https://repo1.dso.mil/big-bang/product/packages/values.yaml
elasticsearch:
# -- Toggle interaction with Elastic for optimized search indexing
enabled: false
# -- Values to passthrough to the Mattermost chart: https://repo1.dso.mil/big-bang/product/packages/values.yaml
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
velero:
# -- Toggle deployment of Velero.
enabled: false
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/velero.git
helmRepo:
repoName: "registry1"
chartName: "velero"
Ryan Garcia
committed
# -- Flux reconciliation overrides specifically for the Velero Package
flux: {}
# -- Plugin provider for Velero - requires at least one plugin installed. Current supported values: aws, azure, csi
# -- Values to passthrough to the Velero chart: https://repo1.dso.mil/big-bang/product/packages/values.yaml
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
#
# ----------------------------------------------------------------------------------------------------------------------
# ----------------------------------------------------------------------------------------------------------------------
# Keycloak
#
keycloak:
# -- Toggle deployment of Keycloak.
# if you enable Keycloak you should uncomment the istio passthrough configurations above
# istio.ingressGateways.passthrough-ingressgateway and istio.gateways.passthrough
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/keycloak.git
helmRepo:
repoName: "registry1"
chartName: "keycloak"
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
database:
# -- Hostname of a pre-existing database to use for Keycloak.
# Entering connection info will disable the deployment of an internal database and will auto-create any required secrets.
host: ""
# -- Pre-existing database type (e.g. postgres) to use for Keycloak.
type: postgres
# -- Port of a pre-existing database to use for Keycloak.
port: 5432
# -- Database name to connect to on host.
database: "" # example: keycloak
# -- Username to connect as to external database, the user must have all privileges on the database.
username: ""
# -- Database password for the username used to connect to the existing database.
password: ""
# -- Flux reconciliation overrides specifically for the OPA Gatekeeper Package
flux: {}
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
# the istio gateway for keycloak must have tls.mode: PASSTHROUGH
gateway: "passthrough"
# -- Certificate/Key pair to use as the certificate for exposing Keycloak
# Setting the ingress cert here will automatically create the volume and volumemounts in the Keycloak Package chart
key: ""
cert: ""
# -- Values to passthrough to the keycloak chart: https://repo1.dso.mil/big-bang/product/packages/keycloak.git
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# ----------------------------------------------------------------------------------------------------------------------
# Vault
#
vault:
# -- Toggle deployment of Vault.
enabled: false
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/vault.git
# -- Flux reconciliation overrides specifically for the Vault Package
flux: {}
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
# -- Certificate/Key pair to use as the certificate for exposing Vault
# Setting the ingress cert here will automatically create the volume and volumemounts in the Vault package chart
key: ""
cert: ""
# -- Values to passthrough to the vault chart: https://repo1.dso.mil/big-bang/product/packages/vault.git
# -- Post Renderers. See docs/postrenders.md
# ----------------------------------------------------------------------------------------------------------------------
# Metrics Server
#
metricsServer:
# -- Toggle deployment of metrics server
# Acceptable options are enabled: true, enabled: false, enabled: auto
# true = enabled / false = disabled / auto = automatic (Installs only if metrics API endpoint is not present)
enabled: auto
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
repo: https://repo1.dso.mil/big-bang/product/packages/metrics-server.git
helmRepo:
repoName: "registry1"
chartName: "metrics-server"
# -- Flux reconciliation overrides specifically for the metrics server Package
flux: {}
# -- Values to passthrough to the metrics server chart: https://repo1.dso.mil/big-bang/product/packages/metrics-server.git
values: {}
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# ----------------------------------------------------------------------------------------------------------------------
# Harbor
#
harbor:
# -- Toggle deployment of harbor
enabled: false
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
git:
repo: https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/harbor.git
path: "./chart"
helmRepo:
repoName: "registry1"
chartName: "harbor"
# -- Flux reconciliation overrides specifically for the Jaeger Package
flux: {}
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
sso:
# -- Toggle SSO for Harbor on and off
enabled: false
# -- OIDC Client ID to use for Harbor
client_id: ""
# -- OIDC Client Secret to use for Harbor
client_secret: ""
# -- Values to pass through to Habor chart: https://repo1.dso.mil/big-bang/product/packages/harbor.git
values: {}
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# -- Wrapper chart for integrating Big Bang components alongside a package
wrapper:
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
helmRepo:
# -- Repository holding OCI chart, corresponding to `helmRepositories` name
repoName: "registry1"
# -- Name of the OCI chart in `repo`
chartName: wrapper
# -- Tag of the OCI chart in `repo`
# -- Git repo holding the wrapper helm chart, example: https://repo1.dso.mil/big-bang/product/packages/wrapper
repo: "https://repo1.dso.mil/big-bang/product/packages/wrapper.git"
# -- Path inside of the git repo to find the helm chart, example: chart
path: "chart"
# -- Git tag to check out. Takes precedence over branch. [More info](https://fluxcd.io/flux/components/source/gitrepositories/#reference), example: 0.0.2
# -- Packages to deploy with Big Bang
# @default - '{}'
packages:
# -- Package name. Each package will be independently wrapped for Big Bang integration.
# @default -- Uses `defaults/<package name>.yaml` for defaults. See `package` Helm chart for additional values that can be set.
sample:
# -- Toggle deployment of this package
# @default -- true
enabled: false
# -- Choose source type of "git" ("helmRepo" not supported yet)
sourceType: "git"
# -- Toggle wrapper functionality. See https://docs-bigbang.dso.mil/latest/docs/guides/deployment-scenarios/extra-package-deployment/#Wrapper-Deployment for more details.
# @default -- false
wrapper:
enabled: false
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
# -- Use a kustomize deployment rather than Helm
kustomize: false
# -- HelmRepo source is supported as an option for Helm deployments. If both `git` and `helmRepo` are provided `git` will take precedence.
helmRepo:
# -- Name of the HelmRepo specified in `helmRepositories`
# @default -- Uses `registry1` Helm Repository if not specified
repoName:
# -- Name of the chart stored in the Helm repository
# @default -- Uses values key/package name if not specified
chartName:
# -- Tag of the chart in the Helm repo, required
tag:
# -- Git source is supported for both Helm and Kustomize deployments. If both `git` and `helmRepo` are provided `git` will take precedence.
git:
# -- Git repo URL holding the helm chart for this package, required if using git
repo:
# -- Git commit to check out. Takes precedence over semver, tag, and branch. [More info](https://fluxcd.io/flux/components/source/gitrepositories/#reference)
commit:
# -- Git semVer tag expression to check out. Takes precedence over tag. [More info](https://fluxcd.io/flux/components/source/gitrepositories/#reference)
semver:
# -- Git tag to check out. Takes precedence over branch. [More info](https://fluxcd.io/flux/components/source/gitrepositories/#reference)
tag:
# -- Git branch to check out. [More info](https://fluxcd.io/flux/components/source/gitrepositories/#reference).
# @default -- When no other reference is specified, `master` branch is used
branch:
# -- Path inside of the git repo to find the helm chart or kustomize
# @default -- For Helm charts `chart`. For Kustomize `/`.
path:
# -- Optional, alternative existing secret to use for git credentials, must be in the appropriate format: https://toolkit.fluxcd.io/components/source/gitrepositories/#https-authentication
existingSecret: ""
# -- Optional, alternative Chart created secrets with user defined values
credentials:
# -- HTTP git credentials, both username and password must be provided
username: ""
password: ""
# -- HTTPS certificate authority file. Required for any repo with a self signed certificate
caFile: ""
# -- SSH git credentials, privateKey, publicKey, and knownHosts must be provided
privateKey: ""
publicKey: ""
knownHosts: ""
# -- Override flux settings for this package
flux: {}
# -- After deployment, patch resources. [More info](https://fluxcd.io/flux/components/helm/helmreleases/#post-renderers)
postRenderers: []
# -- Specify dependencies for the package. Only used for HelmRelease, does not effect Kustomization. See [here](https://fluxcd.io/flux/components/helm/helmreleases/#helmrelease-dependencies) for a reference.
dependsOn: []
# -- Package details for Istio. See [wrapper values](https://repo1.dso.mil/big-bang/product/packages/wrapper/-/blob/main/chart/values.yaml) for settings.
# -- Package details for monitoring. See [wrapper values](https://repo1.dso.mil/big-bang/product/packages/wrapper/-/blob/main/chart/values.yaml) for settings.
# -- Package details for network policies. See [wrapper values](https://repo1.dso.mil/big-bang/product/packages/wrapper/-/blob/main/chart/values.yaml) for settings.
# -- Secrets that should be created prior to package installation. See [wrapper values](https://repo1.dso.mil/big-bang/product/packages/wrapper/-/blob/main/chart/values.yaml) for settings.