Newer
Older
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
git:
repo: https://repo1.dso.mil/big-bang/product/packages/holocron.git
path: "./chart"
helmRepo:
repoName: "registry1"
chartName: "holocron"
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
collectorAuth:
# -- Name of existing secret with auth tokens for collector services: https://repo1.dso.mil/groups/big-bang/apps/sandbox/holocron/-/wikis/Administrator-Guide
# -- Default keys for secret are:
# -- gitlab-scm-0, gitlab-workflow-0, gitlab-build-0, jira-workflow-0, sonarqube-project-analysis-0
# -- If not provided, one will be created
existingSecret: ""
# -- Tokens for the secret to be created
gitlabToken: mygitlabtoken
jiraToken: myjiratoken
sonarToken: mysonartoken
jira:
# -- If there is a Jira deployment, enable a collector for it
enabled: false
service:
# -- The service name to communicate with
name: ""
# -- If network policies are enabled, a label to match the namespace for egress policy
label:
key: value
# -- Flux reconciliation overrides specifically for the Holocron Package
flux: {}
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
sso:
# -- Toggle SSO for Holocron on and off
enabled: false
# -- OIDC Client ID to use for Holocron
client_id: ""
# -- OIDC Client Secret to use for Holocron
client_secret: ""
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
# -- Holocron SSO group roles: https://repo1.dso.mil/groups/big-bang/apps/sandbox/holocron/-/wikis/Administrator-Guide
groups:
admin: ""
leadership: ""
database:
# -- Hostname of a pre-existing PostgreSQL database to use for Gitlab.
# -- Entering connection info will disable the deployment of an internal database and will auto-create any required secrets.
host: ""
# -- Port of a pre-existing PostgreSQL database to use for Gitlab.
port: 5432
# -- Database name to connect to on host.
database: "holocron"
# -- Username to connect as to external database, the user must have all privileges on the database.
username: "holocron"
# -- Database password for the username used to connect to the existing database.
password: "holocron"
# -- Post Renderers. See docs/postrenders.md
postRenderers: []
# -- Values to passthrough to the Holocron chart: https://repo1.dso.mil/big-bang/product/packages/holocron.git
values: {}
# ----------------------------------------------------------------------------------------------------------------------
# thanos
#
thanos:
# -- Toggle deployment of thanos
enabled: false
sso:
# -- Toggle SSO for Thanos on and off
enabled: false
# -- OIDC Client ID to use for Thanos
client_id: ""
# -- OIDC Client Secret to use for Thanos
client_secret: ""
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
#Enable S3 Object Storage for Thanos-sidecar https://thanos.io/tip/components/sidecar.md/ and enables Thanos Store Gateway by default https://thanos.io/tip/components/store.md/
objectStorage:
# -- S3 compatible endpoint to use for connection information.
# examples: "s3.amazonaws.com" "s3.us-gov-west-1.amazonaws.com" "minio.minio.svc.cluster.local:9000"
# Note: Thanos does not require protocol prefix for URL.
endpoint: ""
# -- S3 compatible region to use for connection information.
region: ""
# -- Access key for connecting to object storage endpoint.
accessKey: ""
# -- Secret key for connecting to object storage endpoint.
# Unencoded string data. This should be placed in the secret values and then encrypted
accessSecret: ""
# -- Bucket Name for Thanos
# examples: "Thanos-metrics"
bucket: ""
# -- Whether or not objectStorage connection should require HTTPS, if connecting to in-cluster object
insecure: false
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
git:
repo: https://repo1.dso.mil/big-bang/product/packages/thanos.git
path: "./chart"
helmRepo:
repoName: "registry1"
chartName: "thanos"
# -- Flux reconciliation overrides specifically for the Thanos Package
flux: {}
# -- Redirect the package ingress to a specific Istio Gateway (listed in `istio.gateways`). The default is "public".
ingress:
gateway: ""
values: {}
postRenderers: []
# -- Wrapper chart for integrating Big Bang components alongside a package
wrapper:
# -- Choose source type of "git" or "helmRepo"
sourceType: "git"
helmRepo:
# -- Repository holding OCI chart, corresponding to `helmRepositories` name
repoName: "registry1"
# -- Name of the OCI chart in `repo`
chartName: wrapper
# -- Tag of the OCI chart in `repo`
# -- Git repo holding the wrapper helm chart, example: https://repo1.dso.mil/big-bang/product/packages/wrapper
repo: "https://repo1.dso.mil/big-bang/product/packages/wrapper.git"
# -- Path inside of the git repo to find the helm chart, example: chart
path: "chart"
# -- Git tag to check out. Takes precedence over branch. [More info](https://fluxcd.io/flux/components/source/gitrepositories/#reference), example: 0.0.2
# -- Packages to deploy with Big Bang
# @default - '{}'
packages:
# -- Package name. Each package will be independently wrapped for Big Bang integration.
# @default -- Uses `defaults/<package name>.yaml` for defaults. See `package` Helm chart for additional values that can be set.
sample:
# -- Toggle deployment of this package
# @default -- true
enabled: false
# -- Choose source type of "git" ("helmRepo" not supported yet)
sourceType: "git"
# -- Toggle wrapper functionality. See https://docs-bigbang.dso.mil/latest/docs/guides/deployment-scenarios/extra-package-deployment/#Wrapper-Deployment for more details.
# @default -- false
wrapper:
enabled: false
# -- After deployment, patch wrapper resources. [More info](https://fluxcd.io/flux/components/helm/helmreleases/#post-renderers)
postRenderers: []
# -- Use a kustomize deployment rather than Helm
kustomize: false
# -- HelmRepo source is supported as an option for Helm deployments. If both `git` and `helmRepo` are provided `git` will take precedence.
helmRepo:
# -- Name of the HelmRepo specified in `helmRepositories`
# @default -- Uses `registry1` Helm Repository if not specified
repoName:
# -- Name of the chart stored in the Helm repository
# @default -- Uses values key/package name if not specified
chartName:
# -- Tag of the chart in the Helm repo, required
tag:
# -- If the HelmRelease should verify the cosign signature of the HelmRepo (only relevant if Repo is OCI). Set to 'false' to disable verification
#cosignVerify:
# -- Git source is supported for both Helm and Kustomize deployments. If both `git` and `helmRepo` are provided `git` will take precedence.
git:
# -- Git repo URL holding the helm chart for this package, required if using git
repo:
# -- Git commit to check out. Takes precedence over semver, tag, and branch. [More info](https://fluxcd.io/flux/components/source/gitrepositories/#reference)
commit:
# -- Git semVer tag expression to check out. Takes precedence over tag. [More info](https://fluxcd.io/flux/components/source/gitrepositories/#reference)
semver:
# -- Git tag to check out. Takes precedence over branch. [More info](https://fluxcd.io/flux/components/source/gitrepositories/#reference)
tag:
# -- Git branch to check out. [More info](https://fluxcd.io/flux/components/source/gitrepositories/#reference).
# @default -- When no other reference is specified, `master` branch is used
branch:
# -- Path inside of the git repo to find the helm chart or kustomize
# @default -- For Helm charts `chart`. For Kustomize `/`.
path:
# -- Optional, alternative existing secret to use for git credentials, must be in the appropriate format: https://toolkit.fluxcd.io/components/source/gitrepositories/#https-authentication
existingSecret: ""
# -- Optional, alternative Chart created secrets with user defined values
credentials:
# -- HTTP git credentials, both username and password must be provided
username: ""
password: ""
# -- HTTPS certificate authority file. Required for any repo with a self signed certificate
caFile: ""
# -- SSH git credentials, privateKey, publicKey, and knownHosts must be provided
privateKey: ""
publicKey: ""
knownHosts: ""
# -- Override flux settings for this package
flux: {}
# -- After deployment, patch package resources. [More info](https://fluxcd.io/flux/components/helm/helmreleases/#post-renderers)
postRenderers: []
# -- Specify dependencies for the package. Only used for HelmRelease, does not effect Kustomization. See [here](https://fluxcd.io/flux/components/helm/helmreleases/#helmrelease-dependencies) for a reference.
dependsOn: []
# -- Package details for Istio. See [wrapper values](https://repo1.dso.mil/big-bang/product/packages/wrapper/-/blob/main/chart/values.yaml) for settings.
# -- Package details for monitoring. See [wrapper values](https://repo1.dso.mil/big-bang/product/packages/wrapper/-/blob/main/chart/values.yaml) for settings.
# -- Package details for network policies. See [wrapper values](https://repo1.dso.mil/big-bang/product/packages/wrapper/-/blob/main/chart/values.yaml) for settings.
# -- Secrets that should be created prior to package installation. See [wrapper values](https://repo1.dso.mil/big-bang/product/packages/wrapper/-/blob/main/chart/values.yaml) for settings.
# -- ConfigMaps that should be created prior to package installation. See [wrapper values](https://repo1.dso.mil/big-bang/product/packages/wrapper/-/blob/main/chart/values.yaml) for settings.
configMaps: {}
# -- Values to pass through to package Helm chart
values: {}