UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Select Git revision
  • bb-2524/observability-operatorless
  • master default protected
  • update-kiali-tag-2.7.1-bb.0
  • 2624-update-packages-for-oi
  • update-argocd-tag-7.8.11-bb.0
  • 2610-set-operatorless-istio-tags
  • update-harbor-tag-1.16.2-bb.3
  • update-eck-operator-tag-2.16.1-bb.1
  • 2608-promtail-warning
  • add-istio-networking-labels
  • 2499-headlamp-integration-with-big-bang
  • update-nexus-tag-77.1.0-bb.0
  • update-thanos-tag-15.9.1-bb.3
  • update-mimir-tag-5.5.1-bb.11
  • update-grafana-tag-8.10.4-bb.1
  • update-kiali-tag-2.6.0-bb.1
  • test-nexus
  • TEST-ONLY-DO-NOT_MERGE-Kyvern0-test
  • update-nexus-tag-77.1.0-bb.1
  • update-elasticsearch-kibana-tag-1.28.0-bb.0
  • 2.49.0 protected
  • 2.49.0-rc.2 protected
  • 2.49.0-rc.1 protected
  • 2.49.0-rc.0 protected
  • 2.48.0 protected
  • 2.48.0-rc.4 protected
  • 2.48.0-rc.3 protected
  • 2.48.0-rc.2 protected
  • 2.48.0-rc.1 protected
  • 2.47.0 protected
  • 2.47.0-rc.2 protected
  • 2.47.0-rc.1 protected
  • 2.47.0-rc.0 protected
  • 2.46.0 protected
  • 2.46.0-rc.0 protected
  • 2.45.1 protected
  • 2.45.1-rc.0 protected
  • 2.45.0 protected
  • 2.45.0-rc.0 protected
  • 2.44.0 protected
40 results
Blame Permalink
3
values.yaml 50.48 KiB 
# -- Domain used for BigBang created exposed services, can be overridden by individual packages.
domain: bigbang.dev

# -- (experimental) Toggle sourcing from external repos.
# All this does right now is toggle GitRepositories, it is _not_ fully functional
offline: false

# -- Single set of registry credentials used to pull all images deployed by BigBang.
registryCredentials:
  registry: registry1.dso.mil
  username: ""
  password: ""
  email: ""

# -- Multiple sets of registry credentials used to pull all images deployed by BigBang.
# Credentials will only be created when a valid combination exists, registry, username, and password (email is optional)
# Or a list of registires:
#  - registry: registry1.dso.mil
#    username: ""
#    password: ""
#    email: ""
#  - registry: registry.dso.mil
#    username: ""
#    password: ""
#    email: ""

# Openshift Container Platform Feature Toggle
openshift: false

# -- Git credential settings for accessing private repositories
# Order of precedence is:
#   1. existingSecret
#   2. http credentials (username/password/caFile)
#   3. ssh credentials (privateKey/publicKey/knownHosts)
git:
  # -- Existing secret to use for git credentials, must be in the appropriate format: https://toolkit.fluxcd.io/components/source/gitrepositories/#https-authentication
  existingSecret: ""

  # -- Chart created secrets with user defined values
  credentials:
    # -- HTTP git credentials, both username and password must be provided
    username: ""
    password: ""
    # -- HTTPS certificate authority file.  Required for any repo with a self signed certificate
    caFile: ""
    # -- SSH git credentials, privateKey, publicKey, and knownHosts must be provided
    privateKey: ""
    publicKey: ""
    knownHosts: ""

# -- Global SSO values used for BigBang deployments when sso is enabled
sso:
  # -- Name of the identity provider.  This is used by some packages as the SSO login label.
  name: SSO
  # -- Base URL for the identity provider. For OIDC, this is the issuer.  For SAML this is the entityID.
  url: https://login.dso.mil/auth/realms/baby-yoda

  # -- Certificate authority for the identity provider's certificates
  certificateAuthority:
    # -- The certificate authority public certificate in .pem format.  Populating this will create a secret in each namespace that enables SSO.
    cert: "" # See docs/assets/configs/example/dev-sso-values.yaml for an example
    # -- The secret name to use for the certificate authority.  Can be manually populated if cert is blank.
    secretName: tls-ca-sso

  saml:
    # -- SAML entityDescriptor (metadata) path
    entityDescriptor: "{{ .Values.sso.url }}/protocol/saml/descriptor"
    # -- SAML SSO Service path
    service: "{{ .Values.sso.url }}/protocol/saml"
    # -- Literal SAML XML metadata retrieved from `{{ .Values.sso.saml.entityDescriptor }}`.  Required for SSO in Nexus, Twistlock, or Sonarqube.

UNCLASSIFIED - NO CUI